Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pc,pci: bugfixes
Small bugfixes all over the place.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Tue 03 Aug 2021 21:32:43 BST
# gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg: issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
Drop _DSM 5 from expected DSDTs on ARM
Revert "acpi/gpex: Inform os to keep firmware resource map"
arm/acpi: allow DSDT changes
acpi: x86: pcihp: add support hotplug on multifunction bridges
hw/pcie-root-port: Fix hotplug for PCI devices requiring IO
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
diff --git a/.gitlab-ci.d/buildtest-template.yml b/.gitlab-ci.d/buildtest-template.yml
index 3e3e19d..fcbcc4e 100644
--- a/.gitlab-ci.d/buildtest-template.yml
+++ b/.gitlab-ci.d/buildtest-template.yml
@@ -73,9 +73,9 @@
# in its namespace setting or via git-push option, see documentation
# in /.gitlab-ci.yml of this repository).
- if: '$CI_PROJECT_NAMESPACE == "qemu-project"'
- when: always
+ when: on_success
- if: '$QEMU_CI_AVOCADO_TESTING'
- when: always
+ when: on_success
# Otherwise, set to manual (the jobs are created but not run).
- when: manual
allow_failure: true
diff --git a/.gitlab-ci.d/buildtest.yml b/.gitlab-ci.d/buildtest.yml
index ee0c83b..903ee65 100644
--- a/.gitlab-ci.d/buildtest.yml
+++ b/.gitlab-ci.d/buildtest.yml
@@ -305,10 +305,10 @@
- cd tests/qemu-iotests/
- ./check -raw 001 002 003 004 005 008 009 010 011 012 021 025 032 033 048
052 063 077 086 101 104 106 113 148 150 151 152 157 159 160 163
- 170 171 183 184 192 194 197 208 215 221 222 226 227 236 253 277
+ 170 171 183 184 192 194 208 221 222 226 227 236 253 277
- ./check -qcow2 028 051 056 057 058 065 068 082 085 091 095 096 102 122
- 124 132 139 142 144 145 151 152 155 157 165 194 196 197 200 202
- 208 209 215 216 218 222 227 234 246 247 248 250 254 255 257 258
+ 124 132 139 142 144 145 151 152 155 157 165 194 196 200 202
+ 208 209 216 218 222 227 234 246 247 248 250 254 255 257 258
260 261 262 263 264 270 272 273 277 279
build-user:
@@ -416,6 +416,12 @@
expire_in: 2 days
paths:
- build
+ rules:
+ # FIXME: This job is often failing, likely due to out-of-memory problems in
+ # the constrained containers of the shared runners. Thus this is marked as
+ # manual until the situation has been solved.
+ - when: manual
+ allow_failure: true
check-cfi-aarch64:
extends: .native_test_job_template
@@ -452,6 +458,12 @@
expire_in: 2 days
paths:
- build
+ rules:
+ # FIXME: This job is often failing, likely due to out-of-memory problems in
+ # the constrained containers of the shared runners. Thus this is marked as
+ # manual until the situation has been solved.
+ - when: manual
+ allow_failure: true
check-cfi-ppc64-s390x:
extends: .native_test_job_template
diff --git a/.gitlab-ci.d/custom-runners.yml b/.gitlab-ci.d/custom-runners.yml
index 061d3cd..564b945 100644
--- a/.gitlab-ci.d/custom-runners.yml
+++ b/.gitlab-ci.d/custom-runners.yml
@@ -24,7 +24,8 @@
- ubuntu_18.04
- s390x
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ - if: "$S390X_RUNNER_AVAILABLE"
script:
# --disable-libssh is needed because of https://bugs.launchpad.net/qemu/+bug/1838763
# --disable-glusterfs is needed because there's no static version of those libs in distro supplied packages
@@ -43,7 +44,8 @@
- ubuntu_18.04
- s390x
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ - if: "$S390X_RUNNER_AVAILABLE"
script:
- mkdir build
- cd build
@@ -59,7 +61,8 @@
- ubuntu_18.04
- s390x
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ - if: "$S390X_RUNNER_AVAILABLE"
script:
- mkdir build
- cd build
@@ -76,7 +79,9 @@
- ubuntu_18.04
- s390x
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ when: manual
+ - if: "$S390X_RUNNER_AVAILABLE"
when: manual
script:
- mkdir build
@@ -93,7 +98,8 @@
- ubuntu_18.04
- s390x
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ - if: "$S390X_RUNNER_AVAILABLE"
script:
- mkdir build
- cd build
@@ -108,7 +114,9 @@
- ubuntu_18.04
- s390x
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ when: manual
+ - if: "$S390X_RUNNER_AVAILABLE"
when: manual
script:
- mkdir build
@@ -128,7 +136,8 @@
- ubuntu_20.04
- aarch64
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ - if: "$S390X_RUNNER_AVAILABLE"
script:
# --disable-libssh is needed because of https://bugs.launchpad.net/qemu/+bug/1838763
# --disable-glusterfs is needed because there's no static version of those libs in distro supplied packages
@@ -147,7 +156,8 @@
- ubuntu_20.04
- aarch64
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ - if: "$S390X_RUNNER_AVAILABLE"
script:
- mkdir build
- cd build
@@ -163,7 +173,8 @@
- ubuntu_20.04
- aarch64
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ - if: "$S390X_RUNNER_AVAILABLE"
script:
- mkdir build
- cd build
@@ -180,7 +191,9 @@
- ubuntu_20.04
- aarch64
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ when: manual
+ - if: "$S390X_RUNNER_AVAILABLE"
when: manual
script:
- mkdir build
@@ -197,7 +210,8 @@
- ubuntu_20.04
- aarch64
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ - if: "$S390X_RUNNER_AVAILABLE"
script:
- mkdir build
- cd build
@@ -212,7 +226,9 @@
- ubuntu_20.04
- aarch64
rules:
- - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ - if: '$CI_PROJECT_NAMESPACE == "qemu-project" && $CI_COMMIT_BRANCH =~ /^staging/'
+ when: manual
+ - if: "$S390X_RUNNER_AVAILABLE"
when: manual
script:
- mkdir build
diff --git a/.gitlab-ci.d/edk2.yml b/.gitlab-ci.d/edk2.yml
index aae2f7a..62497ba 100644
--- a/.gitlab-ci.d/edk2.yml
+++ b/.gitlab-ci.d/edk2.yml
@@ -8,11 +8,11 @@
- .gitlab-ci.d/edk2/Dockerfile
# or roms/edk2/ is modified (submodule updated)
- roms/edk2/*
- when: always
+ when: on_success
- if: '$CI_COMMIT_REF_NAME =~ /^edk2/' # or the branch/tag starts with 'edk2'
- when: always
+ when: on_success
- if: '$CI_COMMIT_MESSAGE =~ /edk2/i' # or last commit description contains 'EDK2'
- when: always
+ when: on_success
docker-edk2:
extends: .edk2_job_rules
diff --git a/.gitlab-ci.d/opensbi.yml b/.gitlab-ci.d/opensbi.yml
index d8a0456..5e0a247 100644
--- a/.gitlab-ci.d/opensbi.yml
+++ b/.gitlab-ci.d/opensbi.yml
@@ -6,14 +6,14 @@
- .gitlab-ci.d/opensbi.yml
# or the Dockerfile is modified
- .gitlab-ci.d/opensbi/Dockerfile
- when: always
+ when: on_success
- changes: # or roms/opensbi/ is modified (submodule updated)
- roms/opensbi/*
- when: always
+ when: on_success
- if: '$CI_COMMIT_REF_NAME =~ /^opensbi/' # or the branch/tag starts with 'opensbi'
- when: always
+ when: on_success
- if: '$CI_COMMIT_MESSAGE =~ /opensbi/i' # or last commit description contains 'OpenSBI'
- when: always
+ when: on_success
docker-opensbi:
extends: .opensbi_job_rules
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 6dc5385..9762dda 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -16,24 +16,9 @@
# QEMU CI jobs are based on templates. Some templates provide
# user-configurable options, modifiable via configuration variables.
#
-# These variables can be set globally in the user's CI namespace
-# setting:
-# https://docs.gitlab.com/ee/ci/variables/#create-a-custom-variable-in-the-ui
-# or set manually each time a branch/tag is pushed, as a git-push
-# command line argument:
-# https://docs.gitlab.com/ee/user/project/push_options.html#push-options-for-gitlab-cicd
+# See https://qemu-project.gitlab.io/qemu/devel/ci.html#custom-ci-cd-variables
+# for more information.
#
-# Example setting the QEMU_CI_EXAMPLE_VAR variable:
-#
-# git push -o ci.variable="QEMU_CI_EXAMPLE_VAR=value" myrepo mybranch
-#
-# ----------------------------------------------------------------------
-#
-# List of environment variables that can be use to modify the set
-# of jobs selected:
-#
-# - QEMU_CI_AVOCADO_TESTING
-# If set, tests using the Avocado framework will be run
include:
- local: '/.gitlab-ci.d/qemu-project.yml'
diff --git a/MAINTAINERS b/MAINTAINERS
index 42ac45c..37b1a8e 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -684,6 +684,7 @@
F: include/hw/arm/fsl-imx25.h
F: include/hw/misc/imx25_ccm.h
F: include/hw/watchdog/wdt_imx2.h
+F: docs/system/arm/imx25-pdk.rst
i.MX31 (kzm)
M: Peter Maydell <peter.maydell@linaro.org>
@@ -694,6 +695,7 @@
F: hw/*/*imx31*
F: include/hw/*/imx_*
F: include/hw/*/*imx31*
+F: docs/system/arm/kzm.rst
Integrator CP
M: Peter Maydell <peter.maydell@linaro.org>
@@ -786,7 +788,6 @@
F: docs/system/arm/nuvoton.rst
nSeries
-M: Andrzej Zaborowski <balrogg@gmail.com>
M: Peter Maydell <peter.maydell@linaro.org>
L: qemu-arm@nongnu.org
S: Odd Fixes
@@ -804,7 +805,6 @@
F: docs/system/arm/nseries.rst
Palm
-M: Andrzej Zaborowski <balrogg@gmail.com>
M: Peter Maydell <peter.maydell@linaro.org>
L: qemu-arm@nongnu.org
S: Odd Fixes
@@ -837,7 +837,6 @@
F: docs/system/arm/realview.rst
PXA2XX
-M: Andrzej Zaborowski <balrogg@gmail.com>
M: Peter Maydell <peter.maydell@linaro.org>
L: qemu-arm@nongnu.org
S: Odd Fixes
@@ -856,6 +855,7 @@
F: include/hw/arm/sharpsl.h
F: include/hw/display/tc6393xb.h
F: docs/system/arm/xscale.rst
+F: docs/system/arm/mainstone.rst
SABRELITE / i.MX6
M: Peter Maydell <peter.maydell@linaro.org>
@@ -1836,8 +1836,7 @@
F: hw/usb/*
F: stubs/usb-dev-stub.c
F: tests/qtest/usb-*-test.c
-F: docs/usb2.txt
-F: docs/usb-storage.txt
+F: docs/system/devices/usb.rst
F: include/hw/usb.h
F: include/hw/usb/
@@ -3041,7 +3040,7 @@
F: disas/libvixl/
ARM TCG target
-M: Andrzej Zaborowski <balrogg@gmail.com>
+M: Richard Henderson <richard.henderson@linaro.org>
S: Maintained
L: qemu-arm@nongnu.org
F: tcg/arm/
@@ -3178,6 +3177,7 @@
NVMe Block Driver
M: Stefan Hajnoczi <stefanha@redhat.com>
R: Fam Zheng <fam@euphon.net>
+R: Philippe Mathieu-Daudé <philmd@redhat.com>
L: qemu-block@nongnu.org
S: Supported
F: block/nvme*
@@ -3257,6 +3257,7 @@
M: Aarushi Mehta <mehta.aaru20@gmail.com>
M: Julia Suvorova <jusual@redhat.com>
M: Stefan Hajnoczi <stefanha@redhat.com>
+R: Stefano Garzarella <sgarzare@redhat.com>
L: qemu-block@nongnu.org
S: Maintained
F: block/io_uring.c
diff --git a/Makefile b/Makefile
index 6c36330..401c623 100644
--- a/Makefile
+++ b/Makefile
@@ -129,9 +129,11 @@
# 4. Rules to bridge to other makefiles
ifneq ($(NINJA),)
-MAKE.n = $(findstring n,$(firstword $(MAKEFLAGS)))
-MAKE.k = $(findstring k,$(firstword $(MAKEFLAGS)))
-MAKE.q = $(findstring q,$(firstword $(MAKEFLAGS)))
+# Filter out long options to avoid flags like --no-print-directory which
+# may result in false positive match for MAKE.n
+MAKE.n = $(findstring n,$(firstword $(filter-out --%,$(MAKEFLAGS))))
+MAKE.k = $(findstring k,$(firstword $(filter-out --%,$(MAKEFLAGS))))
+MAKE.q = $(findstring q,$(firstword $(filter-out --%,$(MAKEFLAGS))))
MAKE.nq = $(if $(word 2, $(MAKE.n) $(MAKE.q)),nq)
NINJAFLAGS = $(if $V,-v) $(if $(MAKE.n), -n) $(if $(MAKE.k), -k0) \
$(filter-out -j, $(lastword -j1 $(filter -l% -j%, $(MAKEFLAGS)))) \
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index e5b10dd..0125c17 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2397,6 +2397,12 @@
"- for kernels supporting the vm.allocate_pgste sysctl, "
"whether it is enabled\n");
}
+#elif defined(TARGET_PPC)
+ if (ret == -EINVAL) {
+ fprintf(stderr,
+ "PPC KVM module is not loaded. Try modprobe kvm_%s.\n",
+ (type == 2) ? "pr" : "hv");
+ }
#endif
goto err;
}
diff --git a/accel/tcg/atomic_template.h b/accel/tcg/atomic_template.h
index d89af4c..8098a1b 100644
--- a/accel/tcg/atomic_template.h
+++ b/accel/tcg/atomic_template.h
@@ -252,7 +252,6 @@
uint16_t info = atomic_trace_st_pre(env, addr, oi);
val = BSWAP(val);
- val = BSWAP(val);
atomic16_set(haddr, val);
ATOMIC_MMU_CLEANUP;
atomic_trace_st_post(env, addr, info);
diff --git a/block/io.c b/block/io.c
index e0a689c..a199427 100644
--- a/block/io.c
+++ b/block/io.c
@@ -1841,7 +1841,7 @@
ret = bdrv_pad_request(bs, &qiov, &qiov_offset, &offset, &bytes, &pad,
NULL);
if (ret < 0) {
- return ret;
+ goto fail;
}
tracked_request_begin(&req, bs, offset, bytes, BDRV_TRACKED_READ);
@@ -1849,10 +1849,11 @@
bs->bl.request_alignment,
qiov, qiov_offset, flags);
tracked_request_end(&req);
- bdrv_dec_in_flight(bs);
-
bdrv_padding_destroy(&pad);
+fail:
+ bdrv_dec_in_flight(bs);
+
return ret;
}
diff --git a/block/io_uring.c b/block/io_uring.c
index 00a3ee9..dfa475c 100644
--- a/block/io_uring.c
+++ b/block/io_uring.c
@@ -165,7 +165,21 @@
total_bytes = ret + luringcb->total_read;
if (ret < 0) {
- if (ret == -EINTR) {
+ /*
+ * Only writev/readv/fsync requests on regular files or host block
+ * devices are submitted. Therefore -EAGAIN is not expected but it's
+ * known to happen sometimes with Linux SCSI. Submit again and hope
+ * the request completes successfully.
+ *
+ * For more information, see:
+ * https://lore.kernel.org/io-uring/20210727165811.284510-3-axboe@kernel.dk/T/#u
+ *
+ * If the code is changed to submit other types of requests in the
+ * future, then this workaround may need to be extended to deal with
+ * genuine -EAGAIN results that should not be resubmitted
+ * immediately.
+ */
+ if (ret == -EINTR || ret == -EAGAIN) {
luring_resubmit(s, luringcb);
continue;
}
diff --git a/configure b/configure
index 79e2ddc..9a79a00 100755
--- a/configure
+++ b/configure
@@ -770,7 +770,8 @@
;;
Haiku)
haiku="yes"
- QEMU_CFLAGS="-DB_USE_POSITIVE_POSIX_ERRORS -D_BSD_SOURCE $QEMU_CFLAGS"
+ pie="no"
+ QEMU_CFLAGS="-DB_USE_POSITIVE_POSIX_ERRORS -D_BSD_SOURCE -fPIC $QEMU_CFLAGS"
;;
Linux)
audio_drv_list="try-pa oss"
@@ -3881,7 +3882,7 @@
}
int main(int argc, char *argv[]) { return bar(argv[0]); }
EOF
- if compile_object "" ; then
+ if compile_object "-Werror" ; then
avx2_opt="yes"
else
avx2_opt="no"
@@ -3911,7 +3912,7 @@
return bar(argv[0]);
}
EOF
- if ! compile_object "" ; then
+ if ! compile_object "-Werror" ; then
avx512f_opt="no"
fi
else
diff --git a/docs/about/index.rst b/docs/about/index.rst
index 689a986..beb762a 100644
--- a/docs/about/index.rst
+++ b/docs/about/index.rst
@@ -15,7 +15,7 @@
In this mode the CPU is always emulated.
QEMU also provides a number of standalone commandline utilities,
-such as the `qemu-img` disk image utility that allows you to create,
+such as the ``qemu-img`` disk image utility that allows you to create,
convert and modify disk images.
.. toctree::
diff --git a/docs/about/removed-features.rst b/docs/about/removed-features.rst
index 28bb035..07d5978 100644
--- a/docs/about/removed-features.rst
+++ b/docs/about/removed-features.rst
@@ -124,7 +124,7 @@
'''''''''''''''''''''''''''''''''''''
This option was undocumented and not used in the field.
-Use `-device usb-ccid`` instead.
+Use ``-device usb-ccid`` instead.
RISC-V firmware not booted by default (removed in 5.1)
''''''''''''''''''''''''''''''''''''''''''''''''''''''
diff --git a/docs/barrier.txt b/docs/barrier.txt
deleted file mode 100644
index b21d150..0000000
--- a/docs/barrier.txt
+++ /dev/null
@@ -1,370 +0,0 @@
- QEMU Barrier Client
-
-
-* About
-
- Barrier is a KVM (Keyboard-Video-Mouse) software forked from Symless's
- synergy 1.9 codebase.
-
- See https://github.com/debauchee/barrier
-
-* QEMU usage
-
- Generally, mouse and keyboard are grabbed through the QEMU video
- interface emulation.
-
- But when we want to use a video graphic adapter via a PCI passthrough
- there is no way to provide the keyboard and mouse inputs to the VM
- except by plugging a second set of mouse and keyboard to the host
- or by installing a KVM software in the guest OS.
-
- The QEMU Barrier client avoids this by implementing directly the Barrier
- protocol into QEMU.
-
- This protocol is enabled by adding an input-barrier object to QEMU.
-
- Syntax: input-barrier,id=<object-id>,name=<guest display name>
- [,server=<barrier server address>][,port=<barrier server port>]
- [,x-origin=<x-origin>][,y-origin=<y-origin>]
- [,width=<width>][,height=<height>]
-
- The object can be added on the QEMU command line, for instance with:
-
- ... -object input-barrier,id=barrier0,name=VM-1 ...
-
- where VM-1 is the name the display configured int the Barrier server
- on the host providing the mouse and the keyboard events.
-
- by default <barrier server address> is "localhost", port is 24800,
- <x-origin> and <y-origin> are set to 0, <width> and <height> to
- 1920 and 1080.
-
- If Barrier server is stopped QEMU needs to be reconnected manually,
- by removing and re-adding the input-barrier object, for instance
- with the help of the HMP monitor:
-
- (qemu) object_del barrier0
- (qemu) object_add input-barrier,id=barrier0,name=VM-1
-
-* Message format
-
- Message format between the server and client is in two parts:
-
- 1- the payload length is a 32bit integer in network endianness,
- 2- the payload
-
- The payload starts with a 4byte string (without NUL) which is the
- command. The first command between the server and the client
- is the only command not encoded on 4 bytes ("Barrier").
- The remaining part of the payload is decoded according to the command.
-
-* Protocol Description (from barrier/src/lib/barrier/protocol_types.h)
-
- - barrierCmdHello "Barrier"
-
- Direction: server -> client
- Parameters: { int16_t minor, int16_t major }
- Description:
-
- Say hello to client
- minor = protocol major version number supported by server
- major = protocol minor version number supported by server
-
- - barrierCmdHelloBack "Barrier"
-
- Direction: client ->server
- Parameters: { int16_t minor, int16_t major, char *name}
- Description:
-
- Respond to hello from server
- minor = protocol major version number supported by client
- major = protocol minor version number supported by client
- name = client name
-
- - barrierCmdDInfo "DINF"
-
- Direction: client ->server
- Parameters: { int16_t x_origin, int16_t y_origin, int16_t width, int16_t height, int16_t x, int16_t y}
- Description:
-
- The client screen must send this message in response to the
- barrierCmdQInfo message. It must also send this message when the
- screen's resolution changes. In this case, the client screen should
- ignore any barrierCmdDMouseMove messages until it receives a
- barrierCmdCInfoAck in order to prevent attempts to move the mouse off
- the new screen area.
-
- - barrierCmdCNoop "CNOP"
-
- Direction: client -> server
- Parameters: None
- Description:
-
- No operation
-
- - barrierCmdCClose "CBYE"
-
- Direction: server -> client
- Parameters: None
- Description:
-
- Close connection
-
- - barrierCmdCEnter "CINN"
-
- Direction: server -> client
- Parameters: { int16_t x, int16_t y, int32_t seq, int16_t modifier }
- Description:
-
- Enter screen.
- x,y = entering screen absolute coordinates
- seq = sequence number, which is used to order messages between
- screens. the secondary screen must return this number
- with some messages
- modifier = modifier key mask. this will have bits set for each
- toggle modifier key that is activated on entry to the
- screen. the secondary screen should adjust its toggle
- modifiers to reflect that state.
-
- - barrierCmdCLeave "COUT"
-
- Direction: server -> client
- Parameters: None
- Description:
-
- Leaving screen. the secondary screen should send clipboard data in
- response to this message for those clipboards that it has grabbed
- (i.e. has sent a barrierCmdCClipboard for and has not received a
- barrierCmdCClipboard for with a greater sequence number) and that
- were grabbed or have changed since the last leave.
-
- - barrierCmdCClipboard "CCLP"
-
- Direction: server -> client
- Parameters: { int8_t id, int32_t seq }
- Description:
-
- Grab clipboard. Sent by screen when some other app on that screen
- grabs a clipboard.
- id = the clipboard identifier
- seq = sequence number. Client must use the sequence number passed in
- the most recent barrierCmdCEnter. the server always sends 0.
-
- - barrierCmdCScreenSaver "CSEC"
-
- Direction: server -> client
- Parameters: { int8_t started }
- Description:
-
- Screensaver change.
- started = Screensaver on primary has started (1) or closed (0)
-
- - barrierCmdCResetOptions "CROP"
-
- Direction: server -> client
- Parameters: None
- Description:
-
- Reset options. Client should reset all of its options to their
- defaults.
-
- - barrierCmdCInfoAck "CIAK"
-
- Direction: server -> client
- Parameters: None
- Description:
-
- Resolution change acknowledgment. Sent by server in response to a
- client screen's barrierCmdDInfo. This is sent for every
- barrierCmdDInfo, whether or not the server had sent a barrierCmdQInfo.
-
- - barrierCmdCKeepAlive "CALV"
-
- Direction: server -> client
- Parameters: None
- Description:
-
- Keep connection alive. Sent by the server periodically to verify
- that connections are still up and running. clients must reply in
- kind on receipt. if the server gets an error sending the message or
- does not receive a reply within a reasonable time then the server
- disconnects the client. if the client doesn't receive these (or any
- message) periodically then it should disconnect from the server. the
- appropriate interval is defined by an option.
-
- - barrierCmdDKeyDown "DKDN"
-
- Direction: server -> client
- Parameters: { int16_t keyid, int16_t modifier [,int16_t button] }
- Description:
-
- Key pressed.
- keyid = X11 key id
- modified = modified mask
- button = X11 Xkb keycode (optional)
-
- - barrierCmdDKeyRepeat "DKRP"
-
- Direction: server -> client
- Parameters: { int16_t keyid, int16_t modifier, int16_t repeat [,int16_t button] }
- Description:
-
- Key auto-repeat.
- keyid = X11 key id
- modified = modified mask
- repeat = number of repeats
- button = X11 Xkb keycode (optional)
-
- - barrierCmdDKeyUp "DKUP"
-
- Direction: server -> client
- Parameters: { int16_t keyid, int16_t modifier [,int16_t button] }
- Description:
-
- Key released.
- keyid = X11 key id
- modified = modified mask
- button = X11 Xkb keycode (optional)
-
- - barrierCmdDMouseDown "DMDN"
-
- Direction: server -> client
- Parameters: { int8_t button }
- Description:
-
- Mouse button pressed.
- button = button id
-
- - barrierCmdDMouseUp "DMUP"
-
- Direction: server -> client
- Parameters: { int8_t button }
- Description:
-
- Mouse button release.
- button = button id
-
- - barrierCmdDMouseMove "DMMV"
-
- Direction: server -> client
- Parameters: { int16_t x, int16_t y }
- Description:
-
- Absolute mouse moved.
- x,y = absolute screen coordinates
-
- - barrierCmdDMouseRelMove "DMRM"
-
- Direction: server -> client
- Parameters: { int16_t x, int16_t y }
- Description:
-
- Relative mouse moved.
- x,y = r relative screen coordinates
-
- - barrierCmdDMouseWheel "DMWM"
-
- Direction: server -> client
- Parameters: { int16_t x , int16_t y } or { int16_t y }
- Description:
-
- Mouse scroll. The delta should be +120 for one tick forward (away
- from the user) or right and -120 for one tick backward (toward the
- user) or left.
- x = x delta
- y = y delta
-
- - barrierCmdDClipboard "DCLP"
-
- Direction: server -> client
- Parameters: { int8_t id, int32_t seq, int8_t mark, char *data }
- Description:
-
- Clipboard data.
- id = clipboard id
- seq = sequence number. The sequence number is 0 when sent by the
- server. Client screens should use the/ sequence number from
- the most recent barrierCmdCEnter.
-
- - barrierCmdDSetOptions "DSOP"
-
- Direction: server -> client
- Parameters: { int32 t nb, { int32_t id, int32_t val }[] }
- Description:
-
- Set options. Client should set the given option/value pairs.
- nb = numbers of { id, val } entries
- id = option id
- val = option new value
-
- - barrierCmdDFileTransfer "DFTR"
-
- Direction: server -> client
- Parameters: { int8_t mark, char *content }
- Description:
-
- Transfer file data.
- mark = 0 means the content followed is the file size
- 1 means the content followed is the chunk data
- 2 means the file transfer is finished
-
- - barrierCmdDDragInfo "DDRG" int16_t char *
-
- Direction: server -> client
- Parameters: { int16_t nb, char *content }
- Description:
-
- Drag information.
- nb = number of dragging objects
- content = object's directory
-
- - barrierCmdQInfo "QINF"
-
- Direction: server -> client
- Parameters: None
- Description:
-
- Query screen info
- Client should reply with a barrierCmdDInfo
-
- - barrierCmdEIncompatible "EICV"
-
- Direction: server -> client
- Parameters: { int16_t nb, major *minor }
- Description:
-
- Incompatible version.
- major = major version
- minor = minor version
-
- - barrierCmdEBusy "EBSY"
-
- Direction: server -> client
- Parameters: None
- Description:
-
- Name provided when connecting is already in use.
-
- - barrierCmdEUnknown "EUNK"
-
- Direction: server -> client
- Parameters: None
- Description:
-
- Unknown client. Name provided when connecting is not in primary's
- screen configuration map.
-
- - barrierCmdEBad "EBAD"
-
- Direction: server -> client
- Parameters: None
- Description:
-
- Protocol violation. Server should disconnect after sending this
- message.
-
-* TO DO
-
- - Enable SSL
- - Manage SetOptions/ResetOptions commands
-
diff --git a/docs/bootindex.txt b/docs/bootindex.txt
deleted file mode 100644
index 6937862..0000000
--- a/docs/bootindex.txt
+++ /dev/null
@@ -1,52 +0,0 @@
-= Bootindex property =
-
-Block and net devices have bootindex property. This property is used to
-determine the order in which firmware will consider devices for booting
-the guest OS. If the bootindex property is not set for a device, it gets
-lowest boot priority. There is no particular order in which devices with
-unset bootindex property will be considered for booting, but they will
-still be bootable.
-
-== Example ==
-
-Let's assume we have a QEMU machine with two NICs (virtio, e1000) and two
-disks (IDE, virtio):
-
-qemu -drive file=disk1.img,if=none,id=disk1
- -device ide-hd,drive=disk1,bootindex=4
- -drive file=disk2.img,if=none,id=disk2
- -device virtio-blk-pci,drive=disk2,bootindex=3
- -netdev type=user,id=net0 -device virtio-net-pci,netdev=net0,bootindex=2
- -netdev type=user,id=net1 -device e1000,netdev=net1,bootindex=1
-
-Given the command above, firmware should try to boot from the e1000 NIC
-first. If this fails, it should try the virtio NIC next; if this fails
-too, it should try the virtio disk, and then the IDE disk.
-
-== Limitations ==
-
-1. Some firmware has limitations on which devices can be considered for
-booting. For instance, the PC BIOS boot specification allows only one
-disk to be bootable. If boot from disk fails for some reason, the BIOS
-won't retry booting from other disk. It can still try to boot from
-floppy or net, though.
-
-2. Sometimes, firmware cannot map the device path QEMU wants firmware to
-boot from to a boot method. It doesn't happen for devices the firmware
-can natively boot from, but if firmware relies on an option ROM for
-booting, and the same option ROM is used for booting from more then one
-device, the firmware may not be able to ask the option ROM to boot from
-a particular device reliably. For instance with the PC BIOS, if a SCSI HBA
-has three bootable devices target1, target3, target5 connected to it,
-the option ROM will have a boot method for each of them, but it is not
-possible to map from boot method back to a specific target. This is a
-shortcoming of the PC BIOS boot specification.
-
-== Mixing bootindex and boot order parameters ==
-
-Note that it does not make sense to use the bootindex property together
-with the "-boot order=..." (or "-boot once=...") parameter. The guest
-firmware implementations normally either support the one or the other,
-but not both parameters at the same time. Mixing them will result in
-undefined behavior, and thus the guest firmware will likely not boot
-from the expected devices.
diff --git a/docs/devel/build-system.rst b/docs/devel/build-system.rst
index fd16504..3baec15 100644
--- a/docs/devel/build-system.rst
+++ b/docs/devel/build-system.rst
@@ -53,14 +53,14 @@
- Add a Meson build option to meson_options.txt.
- Add support to the command line arg parser to handle any new
- `--enable-XXX`/`--disable-XXX` flags required by the feature.
+ ``--enable-XXX``/``--disable-XXX`` flags required by the feature.
- Add information to the help output message to report on the new
feature flag.
- Add code to perform the actual feature check.
- - Add code to include the feature status in `config-host.h`
+ - Add code to include the feature status in ``config-host.h``
- Add code to print out the feature status in the configure summary
upon completion.
@@ -116,51 +116,51 @@
The configure script provides a variety of helper functions to assist
developers in checking for system features:
-`do_cc $ARGS...`
+``do_cc $ARGS...``
Attempt to run the system C compiler passing it $ARGS...
-`do_cxx $ARGS...`
+``do_cxx $ARGS...``
Attempt to run the system C++ compiler passing it $ARGS...
-`compile_object $CFLAGS`
+``compile_object $CFLAGS``
Attempt to compile a test program with the system C compiler using
$CFLAGS. The test program must have been previously written to a file
- called $TMPC. The replacement in Meson is the compiler object `cc`,
- which has methods such as `cc.compiles()`,
- `cc.check_header()`, `cc.has_function()`.
+ called $TMPC. The replacement in Meson is the compiler object ``cc``,
+ which has methods such as ``cc.compiles()``,
+ ``cc.check_header()``, ``cc.has_function()``.
-`compile_prog $CFLAGS $LDFLAGS`
+``compile_prog $CFLAGS $LDFLAGS``
Attempt to compile a test program with the system C compiler using
$CFLAGS and link it with the system linker using $LDFLAGS. The test
program must have been previously written to a file called $TMPC.
- The replacement in Meson is `cc.find_library()` and `cc.links()`.
+ The replacement in Meson is ``cc.find_library()`` and ``cc.links()``.
-`has $COMMAND`
+``has $COMMAND``
Determine if $COMMAND exists in the current environment, either as a
shell builtin, or executable binary, returning 0 on success. The
- replacement in Meson is `find_program()`.
+ replacement in Meson is ``find_program()``.
-`check_define $NAME`
+``check_define $NAME``
Determine if the macro $NAME is defined by the system C compiler
-`check_include $NAME`
+``check_include $NAME``
Determine if the include $NAME file is available to the system C
- compiler. The replacement in Meson is `cc.has_header()`.
+ compiler. The replacement in Meson is ``cc.has_header()``.
-`write_c_skeleton`
+``write_c_skeleton``
Write a minimal C program main() function to the temporary file
indicated by $TMPC
-`feature_not_found $NAME $REMEDY`
+``feature_not_found $NAME $REMEDY``
Print a message to stderr that the feature $NAME was not available
on the system, suggesting the user try $REMEDY to address the
problem.
-`error_exit $MESSAGE $MORE...`
+``error_exit $MESSAGE $MORE...``
Print $MESSAGE to stderr, followed by $MORE... and then exit from the
configure script with non-zero status
-`query_pkg_config $ARGS...`
+``query_pkg_config $ARGS...``
Run pkg-config passing it $ARGS. If QEMU is doing a static build,
then --static will be automatically added to $ARGS
@@ -187,7 +187,7 @@
4) other data files, such as icons or desktop files
-All executables are built by default, except for some `contrib/`
+All executables are built by default, except for some ``contrib/``
binaries that are known to fail to build on some platforms (for example
32-bit or big-endian platforms). Tests are also built by default,
though that might change in the future.
@@ -195,14 +195,14 @@
The source code is highly modularized, split across many files to
facilitate building of all of these components with as little duplicated
compilation as possible. Using the Meson "sourceset" functionality,
-`meson.build` files group the source files in rules that are
+``meson.build`` files group the source files in rules that are
enabled according to the available system libraries and to various
configuration symbols. Sourcesets belong to one of four groups:
Subsystem sourcesets:
Various subsystems that are common to both tools and emulators have
- their own sourceset, for example `block_ss` for the block device subsystem,
- `chardev_ss` for the character device subsystem, etc. These sourcesets
+ their own sourceset, for example ``block_ss`` for the block device subsystem,
+ ``chardev_ss`` for the character device subsystem, etc. These sourcesets
are then turned into static libraries as follows::
libchardev = static_library('chardev', chardev_ss.sources(),
@@ -211,8 +211,8 @@
chardev = declare_dependency(link_whole: libchardev)
- As of Meson 0.55.1, the special `.fa` suffix should be used for everything
- that is used with `link_whole`, to ensure that the link flags are placed
+ As of Meson 0.55.1, the special ``.fa`` suffix should be used for everything
+ that is used with ``link_whole``, to ensure that the link flags are placed
correctly in the command line.
Target-independent emulator sourcesets:
@@ -221,38 +221,38 @@
This includes error handling infrastructure, standard data structures,
platform portability wrapper functions, etc.
- Target-independent code lives in the `common_ss`, `softmmu_ss` and
- `user_ss` sourcesets. `common_ss` is linked into all emulators,
- `softmmu_ss` only in system emulators, `user_ss` only in user-mode
+ Target-independent code lives in the ``common_ss``, ``softmmu_ss`` and
+ ``user_ss`` sourcesets. ``common_ss`` is linked into all emulators,
+ ``softmmu_ss`` only in system emulators, ``user_ss`` only in user-mode
emulators.
Target-independent sourcesets must exercise particular care when using
- `if_false` rules. The `if_false` rule will be used correctly when linking
+ ``if_false`` rules. The ``if_false`` rule will be used correctly when linking
emulator binaries; however, when *compiling* target-independent files
- into .o files, Meson may need to pick *both* the `if_true` and
- `if_false` sides to cater for targets that want either side. To
+ into .o files, Meson may need to pick *both* the ``if_true`` and
+ ``if_false`` sides to cater for targets that want either side. To
achieve that, you can add a special rule using the ``CONFIG_ALL``
symbol::
# Some targets have CONFIG_ACPI, some don't, so this is not enough
- softmmu_ss.add(when: 'CONFIG_ACPI`, if_true: files('acpi.c'),
+ softmmu_ss.add(when: 'CONFIG_ACPI', if_true: files('acpi.c'),
if_false: files('acpi-stub.c'))
# This is required as well:
- softmmu_ss.add(when: 'CONFIG_ALL`, if_true: files('acpi-stub.c'))
+ softmmu_ss.add(when: 'CONFIG_ALL', if_true: files('acpi-stub.c'))
Target-dependent emulator sourcesets:
In the target-dependent set lives CPU emulation, some device emulation and
much glue code. This sometimes also has to be compiled multiple times,
once for each target being built. Target-dependent files are included
- in the `specific_ss` sourceset.
+ in the ``specific_ss`` sourceset.
- Each emulator also includes sources for files in the `hw/` and `target/`
+ Each emulator also includes sources for files in the ``hw/`` and ``target/``
subdirectories. The subdirectory used for each emulator comes
from the target's definition of ``TARGET_BASE_ARCH`` or (if missing)
- ``TARGET_ARCH``, as found in `default-configs/targets/*.mak`.
+ ``TARGET_ARCH``, as found in ``default-configs/targets/*.mak``.
- Each subdirectory in `hw/` adds one sourceset to the `hw_arch` dictionary,
+ Each subdirectory in ``hw/`` adds one sourceset to the ``hw_arch`` dictionary,
for example::
arm_ss = ss.source_set()
@@ -262,8 +262,8 @@
The sourceset is only used for system emulators.
- Each subdirectory in `target/` instead should add one sourceset to each
- of the `target_arch` and `target_softmmu_arch`, which are used respectively
+ Each subdirectory in ``target/`` instead should add one sourceset to each
+ of the ``target_arch`` and ``target_softmmu_arch``, which are used respectively
for all emulators and for system emulators only. For example::
arm_ss = ss.source_set()
@@ -273,11 +273,11 @@
target_softmmu_arch += {'arm': arm_softmmu_ss}
Module sourcesets:
- There are two dictionaries for modules: `modules` is used for
- target-independent modules and `target_modules` is used for
- target-dependent modules. When modules are disabled the `module`
- source sets are added to `softmmu_ss` and the `target_modules`
- source sets are added to `specific_ss`.
+ There are two dictionaries for modules: ``modules`` is used for
+ target-independent modules and ``target_modules`` is used for
+ target-dependent modules. When modules are disabled the ``module``
+ source sets are added to ``softmmu_ss`` and the ``target_modules``
+ source sets are added to ``specific_ss``.
Both dictionaries are nested. One dictionary is created per
subdirectory, and these per-subdirectory dictionaries are added to
@@ -290,15 +290,15 @@
modules += { 'hw-display': hw_display_modules }
Utility sourcesets:
- All binaries link with a static library `libqemuutil.a`. This library
+ All binaries link with a static library ``libqemuutil.a``. This library
is built from several sourcesets; most of them however host generated
- code, and the only two of general interest are `util_ss` and `stub_ss`.
+ code, and the only two of general interest are ``util_ss`` and ``stub_ss``.
The separation between these two is purely for documentation purposes.
- `util_ss` contains generic utility files. Even though this code is only
+ ``util_ss`` contains generic utility files. Even though this code is only
linked in some binaries, sometimes it requires hooks only in some of
these and depend on other functions that are not fully implemented by
- all QEMU binaries. `stub_ss` links dummy stubs that will only be linked
+ all QEMU binaries. ``stub_ss`` links dummy stubs that will only be linked
into the binary if the real implementation is not present. In a way,
the stubs can be thought of as a portable implementation of the weak
symbols concept.
@@ -307,8 +307,8 @@
The following files concur in the definition of which files are linked
into each emulator:
-`default-configs/devices/*.mak`
- The files under `default-configs/devices/` control the boards and devices
+``default-configs/devices/*.mak``
+ The files under ``default-configs/devices/`` control the boards and devices
that are built into each QEMU system emulation targets. They merely contain
a list of config variable definitions such as::
@@ -316,18 +316,18 @@
CONFIG_XLNX_ZYNQMP_ARM=y
CONFIG_XLNX_VERSAL=y
-`*/Kconfig`
- These files are processed together with `default-configs/devices/*.mak` and
+``*/Kconfig``
+ These files are processed together with ``default-configs/devices/*.mak`` and
describe the dependencies between various features, subsystems and
device models. They are described in :ref:`kconfig`
-`default-configs/targets/*.mak`
- These files mostly define symbols that appear in the `*-config-target.h`
+``default-configs/targets/*.mak``
+ These files mostly define symbols that appear in the ``*-config-target.h``
file for each emulator [#cfgtarget]_. However, the ``TARGET_ARCH``
- and ``TARGET_BASE_ARCH`` will also be used to select the `hw/` and
- `target/` subdirectories that are compiled into each target.
+ and ``TARGET_BASE_ARCH`` will also be used to select the ``hw/`` and
+ ``target/`` subdirectories that are compiled into each target.
-.. [#cfgtarget] This header is included by `qemu/osdep.h` when
+.. [#cfgtarget] This header is included by ``qemu/osdep.h`` when
compiling files from the target-specific sourcesets.
These files rarely need changing unless you are adding a completely
@@ -339,19 +339,19 @@
---------------
Meson has a special convention for invoking Python scripts: if their
-first line is `#! /usr/bin/env python3` and the file is *not* executable,
+first line is ``#! /usr/bin/env python3`` and the file is *not* executable,
find_program() arranges to invoke the script under the same Python
interpreter that was used to invoke Meson. This is the most common
and preferred way to invoke support scripts from Meson build files,
because it automatically uses the value of configure's --python= option.
-In case the script is not written in Python, use a `#! /usr/bin/env ...`
+In case the script is not written in Python, use a ``#! /usr/bin/env ...``
line and make the script executable.
Scripts written in Python, where it is desirable to make the script
executable (for example for test scripts that developers may want to
invoke from the command line, such as tests/qapi-schema/test-qapi.py),
-should be invoked through the `python` variable in meson.build. For
+should be invoked through the ``python`` variable in meson.build. For
example::
test('QAPI schema regression tests', python,
@@ -375,10 +375,10 @@
The resulting build system is largely non-recursive in nature, in
contrast to common practices seen with automake.
-Tests are also ran by the Makefile with the traditional `make check`
-phony target, while benchmarks are run with `make bench`. Meson test
-suites such as `unit` can be ran with `make check-unit` too. It is also
-possible to run tests defined in meson.build with `meson test`.
+Tests are also ran by the Makefile with the traditional ``make check``
+phony target, while benchmarks are run with ``make bench``. Meson test
+suites such as ``unit`` can be ran with ``make check-unit`` too. It is also
+possible to run tests defined in meson.build with ``meson test``.
Important files for the build system
====================================
@@ -390,28 +390,28 @@
the rules needed to build QEMU. Their behaviour is influenced by a
number of dynamically created files listed later.
-`Makefile`
+``Makefile``
The main entry point used when invoking make to build all the components
of QEMU. The default 'all' target will naturally result in the build of
every component. Makefile takes care of recursively building submodules
directly via a non-recursive set of rules.
-`*/meson.build`
+``*/meson.build``
The meson.build file in the root directory is the main entry point for the
Meson build system, and it coordinates the configuration and build of all
executables. Build rules for various subdirectories are included in
other meson.build files spread throughout the QEMU source tree.
-`tests/Makefile.include`
+``tests/Makefile.include``
Rules for external test harnesses. These include the TCG tests,
- `qemu-iotests` and the Avocado-based acceptance tests.
+ ``qemu-iotests`` and the Avocado-based acceptance tests.
-`tests/docker/Makefile.include`
+``tests/docker/Makefile.include``
Rules for Docker tests. Like tests/Makefile, this file is included
directly by the top level Makefile, anything defined in this file will
influence the entire build system.
-`tests/vm/Makefile.include`
+``tests/vm/Makefile.include``
Rules for VM-based tests. Like tests/Makefile, this file is included
directly by the top level Makefile, anything defined in this file will
influence the entire build system.
@@ -427,11 +427,11 @@
Built by configure:
-`config-host.mak`
+``config-host.mak``
When configure has determined the characteristics of the build host it
will write a long list of variables to config-host.mak file. This
provides the various install directories, compiler / linker flags and a
- variety of `CONFIG_*` variables related to optionally enabled features.
+ variety of ``CONFIG_*`` variables related to optionally enabled features.
This is imported by the top level Makefile and meson.build in order to
tailor the build output.
@@ -446,29 +446,29 @@
Built by Meson:
-`${TARGET-NAME}-config-devices.mak`
+``${TARGET-NAME}-config-devices.mak``
TARGET-NAME is again the name of a system or userspace emulator. The
config-devices.mak file is automatically generated by make using the
scripts/make_device_config.sh program, feeding it the
default-configs/$TARGET-NAME file as input.
-`config-host.h`, `$TARGET-NAME/config-target.h`, `$TARGET-NAME/config-devices.h`
+``config-host.h``, ``$TARGET-NAME/config-target.h``, ``$TARGET-NAME/config-devices.h``
These files are used by source code to determine what features
are enabled. They are generated from the contents of the corresponding
- `*.h` files using the scripts/create_config program. This extracts
+ ``*.h`` files using the scripts/create_config program. This extracts
relevant variables and formats them as C preprocessor macros.
-`build.ninja`
+``build.ninja``
The build rules.
Built by Makefile:
-`Makefile.ninja`
+``Makefile.ninja``
A Makefile include that bridges to ninja for the actual build. The
Makefile is mostly a list of targets that Meson included in build.ninja.
-`Makefile.mtest`
+``Makefile.mtest``
The Makefile definitions that let "make check" run tests defined in
meson.build. The rules are produced from Meson's JSON description of
tests (obtained with "meson introspect --tests") through the script
@@ -478,9 +478,9 @@
Useful make targets
-------------------
-`help`
+``help``
Print a help message for the most common build targets.
-`print-VAR`
+``print-VAR``
Print the value of the variable VAR. Useful for debugging the build
system.
diff --git a/docs/devel/ci.rst b/docs/devel/ci.rst
index b3bf3ef..2055725 100644
--- a/docs/devel/ci.rst
+++ b/docs/devel/ci.rst
@@ -8,6 +8,46 @@
https://wiki.qemu.org/Testing/CI
+Custom CI/CD variables
+======================
+
+QEMU CI pipelines can be tuned by setting some CI environment variables.
+
+Set variable globally in the user's CI namespace
+------------------------------------------------
+
+Variables can be set globally in the user's CI namespace setting.
+
+For further information about how to set these variables, please refer to::
+
+ https://docs.gitlab.com/ee/ci/variables/#add-a-cicd-variable-to-a-project
+
+Set variable manually when pushing a branch or tag to the user's repository
+---------------------------------------------------------------------------
+
+Variables can be set manually when pushing a branch or tag, using
+git-push command line arguments.
+
+Example setting the QEMU_CI_EXAMPLE_VAR variable:
+
+.. code::
+
+ git push -o ci.variable="QEMU_CI_EXAMPLE_VAR=value" myrepo mybranch
+
+For further information about how to set these variables, please refer to::
+
+ https://docs.gitlab.com/ee/user/project/push_options.html#push-options-for-gitlab-cicd
+
+Here is a list of the most used variables:
+
+QEMU_CI_AVOCADO_TESTING
+~~~~~~~~~~~~~~~~~~~~~~~
+By default, tests using the Avocado framework are not run automatically in
+the pipelines (because multiple artifacts have to be downloaded, and if
+these artifacts are not already cached, downloading them make the jobs
+reach the timeout limit). Set this variable to have the tests using the
+Avocado framework run automatically.
+
Jobs on Custom Runners
======================
diff --git a/docs/devel/ebpf_rss.rst b/docs/devel/ebpf_rss.rst
index e009625..4a68682 100644
--- a/docs/devel/ebpf_rss.rst
+++ b/docs/devel/ebpf_rss.rst
@@ -72,7 +72,7 @@
eBPF RSS loading functionality located in ebpf/ebpf_rss.c and ebpf/ebpf_rss.h.
-The `struct EBPFRSSContext` structure that holds 4 file descriptors:
+The ``struct EBPFRSSContext`` structure that holds 4 file descriptors:
- ctx - pointer of the libbpf context.
- program_fd - file descriptor of the eBPF RSS program.
@@ -80,20 +80,20 @@
- map_toeplitz_key - file descriptor of the 'Toeplitz key' map. One element of the 40byte key prepared for the hashing algorithm.
- map_indirections_table - 128 elements of queue indexes.
-`struct EBPFRSSConfig` fields:
+``struct EBPFRSSConfig`` fields:
-- redirect - "boolean" value, should the hash be calculated, on false - `default_queue` would be used as the final decision.
+- redirect - "boolean" value, should the hash be calculated, on false - ``default_queue`` would be used as the final decision.
- populate_hash - for now, not used. eBPF RSS doesn't support hash reporting.
-- hash_types - binary mask of different hash types. See `VIRTIO_NET_RSS_HASH_TYPE_*` defines. If for packet hash should not be calculated - `default_queue` would be used.
+- hash_types - binary mask of different hash types. See ``VIRTIO_NET_RSS_HASH_TYPE_*`` defines. If for packet hash should not be calculated - ``default_queue`` would be used.
- indirections_len - length of the indirections table, maximum 128.
- default_queue - the queue index that used for packet that shouldn't be hashed. For some packets, the hash can't be calculated(g.e ARP).
Functions:
-- `ebpf_rss_init()` - sets ctx to NULL, which indicates that EBPFRSSContext is not loaded.
-- `ebpf_rss_load()` - creates 3 maps and loads eBPF program from the rss.bpf.skeleton.h. Returns 'true' on success. After that, program_fd can be used to set steering for TAP.
-- `ebpf_rss_set_all()` - sets values for eBPF maps. `indirections_table` length is in EBPFRSSConfig. `toeplitz_key` is VIRTIO_NET_RSS_MAX_KEY_SIZE aka 40 bytes array.
-- `ebpf_rss_unload()` - close all file descriptors and set ctx to NULL.
+- ``ebpf_rss_init()`` - sets ctx to NULL, which indicates that EBPFRSSContext is not loaded.
+- ``ebpf_rss_load()`` - creates 3 maps and loads eBPF program from the rss.bpf.skeleton.h. Returns 'true' on success. After that, program_fd can be used to set steering for TAP.
+- ``ebpf_rss_set_all()`` - sets values for eBPF maps. ``indirections_table`` length is in EBPFRSSConfig. ``toeplitz_key`` is VIRTIO_NET_RSS_MAX_KEY_SIZE aka 40 bytes array.
+- ``ebpf_rss_unload()`` - close all file descriptors and set ctx to NULL.
Simplified eBPF RSS workflow:
@@ -122,4 +122,4 @@
NetClientState SetSteeringEBPF()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-For now, `set_steering_ebpf()` method supported by Linux TAP NetClientState. The method requires an eBPF program file descriptor as an argument.
+For now, ``set_steering_ebpf()`` method supported by Linux TAP NetClientState. The method requires an eBPF program file descriptor as an argument.
diff --git a/docs/devel/migration.rst b/docs/devel/migration.rst
index 19c3d4f..2401253 100644
--- a/docs/devel/migration.rst
+++ b/docs/devel/migration.rst
@@ -53,7 +53,7 @@
Debugging
=========
-The migration stream can be analyzed thanks to `scripts/analyze-migration.py`.
+The migration stream can be analyzed thanks to ``scripts/analyze-migration.py``.
Example usage:
@@ -75,8 +75,8 @@
=====================
The files, sockets or fd's that carry the migration stream are abstracted by
-the ``QEMUFile`` type (see `migration/qemu-file.h`). In most cases this
-is connected to a subtype of ``QIOChannel`` (see `io/`).
+the ``QEMUFile`` type (see ``migration/qemu-file.h``). In most cases this
+is connected to a subtype of ``QIOChannel`` (see ``io/``).
Saving the state of one device
@@ -166,14 +166,14 @@
};
We are declaring the state with name "pckbd".
-The `version_id` is 3, and the fields are 4 uint8_t in a KBDState structure.
+The ``version_id`` is 3, and the fields are 4 uint8_t in a KBDState structure.
We registered this with:
.. code:: c
vmstate_register(NULL, 0, &vmstate_kbd, s);
-For devices that are `qdev` based, we can register the device in the class
+For devices that are ``qdev`` based, we can register the device in the class
init function:
.. code:: c
@@ -210,9 +210,9 @@
SaveVMHandlers *ops,
void *opaque);
-Two functions in the ``ops`` structure are the `save_state`
-and `load_state` functions. Notice that `load_state` receives a version_id
-parameter to know what state format is receiving. `save_state` doesn't
+Two functions in the ``ops`` structure are the ``save_state``
+and ``load_state`` functions. Notice that ``load_state`` receives a version_id
+parameter to know what state format is receiving. ``save_state`` doesn't
have a version_id parameter because it always uses the latest version.
Note that because the VMState macros still save the data in a raw
@@ -385,18 +385,18 @@
compatibility; in general most changes can be made by adding Subsections
(see above) or _TEST macros (see above) which won't break compatibility.
-Each version is associated with a series of fields saved. The `save_state` always saves
-the state as the newer version. But `load_state` sometimes is able to
+Each version is associated with a series of fields saved. The ``save_state`` always saves
+the state as the newer version. But ``load_state`` sometimes is able to
load state from an older version.
You can see that there are several version fields:
-- `version_id`: the maximum version_id supported by VMState for that device.
-- `minimum_version_id`: the minimum version_id that VMState is able to understand
+- ``version_id``: the maximum version_id supported by VMState for that device.
+- ``minimum_version_id``: the minimum version_id that VMState is able to understand
for that device.
-- `minimum_version_id_old`: For devices that were not able to port to vmstate, we can
+- ``minimum_version_id_old``: For devices that were not able to port to vmstate, we can
assign a function that knows how to read this old state. This field is
- ignored if there is no `load_state_old` handler.
+ ignored if there is no ``load_state_old`` handler.
VMState is able to read versions from minimum_version_id to
version_id. And the function ``load_state_old()`` (if present) is able to
@@ -454,7 +454,7 @@
If you use memory API functions that update memory layout outside
initialization (i.e., in response to a guest action), this is a strong
-indication that you need to call these functions in a `post_load` callback.
+indication that you need to call these functions in a ``post_load`` callback.
Examples of such memory API functions are:
- memory_region_add_subregion()
@@ -823,12 +823,12 @@
processes that share memory and from QEMU. There are restrictions on the type of
memory that userfault can support shared.
-The Linux kernel userfault support works on `/dev/shm` memory and on `hugetlbfs`
-(although the kernel doesn't provide an equivalent to `madvise(MADV_DONTNEED)`
+The Linux kernel userfault support works on ``/dev/shm`` memory and on ``hugetlbfs``
+(although the kernel doesn't provide an equivalent to ``madvise(MADV_DONTNEED)``
for hugetlbfs which may be a problem in some configurations).
The vhost-user code in QEMU supports clients that have Postcopy support,
-and the `vhost-user-bridge` (in `tests/`) and the DPDK package have changes
+and the ``vhost-user-bridge`` (in ``tests/``) and the DPDK package have changes
to support postcopy.
The client needs to open a userfaultfd and register the areas
diff --git a/docs/devel/qgraph.rst b/docs/devel/qgraph.rst
index 318534d..39e2936 100644
--- a/docs/devel/qgraph.rst
+++ b/docs/devel/qgraph.rst
@@ -66,11 +66,11 @@
Edges
^^^^^^
-An edge relation between two nodes (drivers or machines) `X` and `Y` can be:
+An edge relation between two nodes (drivers or machines) ``X`` and ``Y`` can be:
-- ``X CONSUMES Y``: `Y` can be plugged into `X`
-- ``X PRODUCES Y``: `X` provides the interface `Y`
-- ``X CONTAINS Y``: `Y` is part of `X` component
+- ``X CONSUMES Y``: ``Y`` can be plugged into ``X``
+- ``X PRODUCES Y``: ``X`` provides the interface ``Y``
+- ``X CONTAINS Y``: ``Y`` is part of ``X`` component
Execution steps
^^^^^^^^^^^^^^^
diff --git a/docs/devel/tcg-plugins.rst b/docs/devel/tcg-plugins.rst
index 7e54f12..047bf4a 100644
--- a/docs/devel/tcg-plugins.rst
+++ b/docs/devel/tcg-plugins.rst
@@ -34,11 +34,11 @@
QEMU_PLUGIN_EXPORT int qemu_plugin_version = QEMU_PLUGIN_VERSION;
The core code will refuse to load a plugin that doesn't export a
-`qemu_plugin_version` symbol or if plugin version is outside of QEMU's
+``qemu_plugin_version`` symbol or if plugin version is outside of QEMU's
supported range of API versions.
-Additionally the `qemu_info_t` structure which is passed to the
-`qemu_plugin_install` method of a plugin will detail the minimum and
+Additionally the ``qemu_info_t`` structure which is passed to the
+``qemu_plugin_install`` method of a plugin will detail the minimum and
current API versions supported by QEMU. The API version will be
incremented if new APIs are added. The minimum API version will be
incremented if existing APIs are changed or removed.
@@ -146,12 +146,12 @@
There are a number of plugins included with QEMU and you are
encouraged to contribute your own plugins plugins upstream. There is a
-`contrib/plugins` directory where they can go.
+``contrib/plugins`` directory where they can go.
- tests/plugins
These are some basic plugins that are used to test and exercise the
-API during the `make check-tcg` target.
+API during the ``make check-tcg`` target.
- contrib/plugins/hotblocks.c
@@ -163,7 +163,7 @@
re-translations as blocks from different programs get swapped in and
out of system memory.
-If your program is single-threaded you can use the `inline` option for
+If your program is single-threaded you can use the ``inline`` option for
slightly faster (but not thread safe) counters.
Example::
@@ -251,7 +251,7 @@
...
To find the argument shorthand for the class you need to examine the
-source code of the plugin at the moment, specifically the `*opt`
+source code of the plugin at the moment, specifically the ``*opt``
argument in the InsnClassExecCount tables.
- contrib/plugins/lockstep.c
diff --git a/docs/devel/testing.rst b/docs/devel/testing.rst
index 8f57225..8a9cda3 100644
--- a/docs/devel/testing.rst
+++ b/docs/devel/testing.rst
@@ -775,7 +775,7 @@
QEMUMachine. The way to get machines is through the ``self.get_vm()``
method which will return a QEMUMachine instance. The ``self.get_vm()``
method accepts arguments that will be passed to the QEMUMachine creation
-and also an optional `name` attribute so you can identify a specific
+and also an optional ``name`` attribute so you can identify a specific
machine and get it more than once through the tests methods. A simple
and hypothetical example follows:
@@ -1062,7 +1062,7 @@
AVOCADO_ALLOW_LARGE_STORAGE
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tests which are going to fetch or produce assets considered *large* are not
-going to run unless that `AVOCADO_ALLOW_LARGE_STORAGE=1` is exported on
+going to run unless that ``AVOCADO_ALLOW_LARGE_STORAGE=1`` is exported on
the environment.
The definition of *large* is a bit arbitrary here, but it usually means an
@@ -1076,7 +1076,7 @@
usually it means a blob which either its source or build process aren't
public available.
-You should export `AVOCADO_ALLOW_UNTRUSTED_CODE=1` on the environment in
+You should export ``AVOCADO_ALLOW_UNTRUSTED_CODE=1`` on the environment in
order to allow tests which make use of those kind of assets.
AVOCADO_TIMEOUT_EXPECTED
@@ -1090,7 +1090,7 @@
Even though the timeout can be set by the test developer, there are some tests
that may not have a well-defined limit of time to finish under certain
conditions. For example, tests that take longer to execute when QEMU is
-compiled with debug flags. Therefore, the `AVOCADO_TIMEOUT_EXPECTED` variable
+compiled with debug flags. Therefore, the ``AVOCADO_TIMEOUT_EXPECTED`` variable
has been used to determine whether those tests should run or not.
GITLAB_CI
diff --git a/docs/interop/barrier.rst b/docs/interop/barrier.rst
new file mode 100644
index 0000000..055f2c1
--- /dev/null
+++ b/docs/interop/barrier.rst
@@ -0,0 +1,426 @@
+Barrier client protocol
+=======================
+
+QEMU's ``input-barrier`` device implements the client end of
+the KVM (Keyboard-Video-Mouse) software
+`Barrier <https://github.com/debauchee/barrier>`__.
+
+This document briefly describes the protocol as we implement it.
+
+Message format
+--------------
+
+Message format between the server and client is in two parts:
+
+#. the payload length, a 32bit integer in network endianness
+#. the payload
+
+The payload starts with a 4byte string (without NUL) which is the
+command. The first command between the server and the client
+is the only command not encoded on 4 bytes ("Barrier").
+The remaining part of the payload is decoded according to the command.
+
+Protocol Description
+--------------------
+
+This comes from ``barrier/src/lib/barrier/protocol_types.h``.
+
+barrierCmdHello "Barrier"
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int16_t minor, int16_t major }``
+Description:
+ Say hello to client
+
+ ``minor`` = protocol major version number supported by server
+
+ ``major`` = protocol minor version number supported by server
+
+barrierCmdHelloBack "Barrier"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ client ->server
+Parameters:
+ ``{ int16_t minor, int16_t major, char *name}``
+Description:
+ Respond to hello from server
+
+ ``minor`` = protocol major version number supported by client
+
+ ``major`` = protocol minor version number supported by client
+
+ ``name`` = client name
+
+barrierCmdDInfo "DINF"
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ client ->server
+Parameters:
+ ``{ int16_t x_origin, int16_t y_origin, int16_t width, int16_t height, int16_t x, int16_t y}``
+Description:
+ The client screen must send this message in response to the
+ barrierCmdQInfo message. It must also send this message when the
+ screen's resolution changes. In this case, the client screen should
+ ignore any barrierCmdDMouseMove messages until it receives a
+ barrierCmdCInfoAck in order to prevent attempts to move the mouse off
+ the new screen area.
+
+barrierCmdCNoop "CNOP"
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ client -> server
+Parameters:
+ None
+Description:
+ No operation
+
+barrierCmdCClose "CBYE"
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ None
+Description:
+ Close connection
+
+barrierCmdCEnter "CINN"
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int16_t x, int16_t y, int32_t seq, int16_t modifier }``
+Description:
+ Enter screen.
+
+ ``x``, ``y`` = entering screen absolute coordinates
+
+ ``seq`` = sequence number, which is used to order messages between
+ screens. the secondary screen must return this number
+ with some messages
+
+ ``modifier`` = modifier key mask. this will have bits set for each
+ toggle modifier key that is activated on entry to the
+ screen. the secondary screen should adjust its toggle
+ modifiers to reflect that state.
+
+barrierCmdCLeave "COUT"
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ None
+Description:
+ Leaving screen. the secondary screen should send clipboard data in
+ response to this message for those clipboards that it has grabbed
+ (i.e. has sent a barrierCmdCClipboard for and has not received a
+ barrierCmdCClipboard for with a greater sequence number) and that
+ were grabbed or have changed since the last leave.
+
+barrierCmdCClipboard "CCLP"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int8_t id, int32_t seq }``
+Description:
+ Grab clipboard. Sent by screen when some other app on that screen
+ grabs a clipboard.
+
+ ``id`` = the clipboard identifier
+
+ ``seq`` = sequence number. Client must use the sequence number passed in
+ the most recent barrierCmdCEnter. the server always sends 0.
+
+barrierCmdCScreenSaver "CSEC"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int8_t started }``
+Description:
+ Screensaver change.
+
+ ``started`` = Screensaver on primary has started (1) or closed (0)
+
+barrierCmdCResetOptions "CROP"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ None
+Description:
+ Reset options. Client should reset all of its options to their
+ defaults.
+
+barrierCmdCInfoAck "CIAK"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ None
+Description:
+ Resolution change acknowledgment. Sent by server in response to a
+ client screen's barrierCmdDInfo. This is sent for every
+ barrierCmdDInfo, whether or not the server had sent a barrierCmdQInfo.
+
+barrierCmdCKeepAlive "CALV"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ None
+Description:
+ Keep connection alive. Sent by the server periodically to verify
+ that connections are still up and running. clients must reply in
+ kind on receipt. if the server gets an error sending the message or
+ does not receive a reply within a reasonable time then the server
+ disconnects the client. if the client doesn't receive these (or any
+ message) periodically then it should disconnect from the server. the
+ appropriate interval is defined by an option.
+
+barrierCmdDKeyDown "DKDN"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int16_t keyid, int16_t modifier [,int16_t button] }``
+Description:
+ Key pressed.
+
+ ``keyid`` = X11 key id
+
+ ``modified`` = modified mask
+
+ ``button`` = X11 Xkb keycode (optional)
+
+barrierCmdDKeyRepeat "DKRP"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int16_t keyid, int16_t modifier, int16_t repeat [,int16_t button] }``
+Description:
+ Key auto-repeat.
+
+ ``keyid`` = X11 key id
+
+ ``modified`` = modified mask
+
+ ``repeat`` = number of repeats
+
+ ``button`` = X11 Xkb keycode (optional)
+
+barrierCmdDKeyUp "DKUP"
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int16_t keyid, int16_t modifier [,int16_t button] }``
+Description:
+ Key released.
+
+ ``keyid`` = X11 key id
+
+ ``modified`` = modified mask
+
+ ``button`` = X11 Xkb keycode (optional)
+
+barrierCmdDMouseDown "DMDN"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int8_t button }``
+Description:
+ Mouse button pressed.
+
+ ``button`` = button id
+
+barrierCmdDMouseUp "DMUP"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int8_t button }``
+Description:
+ Mouse button release.
+
+ ``button`` = button id
+
+barrierCmdDMouseMove "DMMV"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int16_t x, int16_t y }``
+Description:
+ Absolute mouse moved.
+
+ ``x``, ``y`` = absolute screen coordinates
+
+barrierCmdDMouseRelMove "DMRM"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int16_t x, int16_t y }``
+Description:
+ Relative mouse moved.
+
+ ``x``, ``y`` = r relative screen coordinates
+
+barrierCmdDMouseWheel "DMWM"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int16_t x , int16_t y }`` or ``{ int16_t y }``
+Description:
+ Mouse scroll. The delta should be +120 for one tick forward (away
+ from the user) or right and -120 for one tick backward (toward the
+ user) or left.
+
+ ``x`` = x delta
+
+ ``y`` = y delta
+
+barrierCmdDClipboard "DCLP"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int8_t id, int32_t seq, int8_t mark, char *data }``
+Description:
+ Clipboard data.
+
+ ``id`` = clipboard id
+
+ ``seq`` = sequence number. The sequence number is 0 when sent by the
+ server. Client screens should use the/ sequence number from
+ the most recent barrierCmdCEnter.
+
+barrierCmdDSetOptions "DSOP"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int32 t nb, { int32_t id, int32_t val }[] }``
+Description:
+ Set options. Client should set the given option/value pairs.
+
+ ``nb`` = numbers of ``{ id, val }`` entries
+
+ ``id`` = option id
+
+ ``val`` = option new value
+
+barrierCmdDFileTransfer "DFTR"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int8_t mark, char *content }``
+Description:
+ Transfer file data.
+
+ * ``mark`` = 0 means the content followed is the file size
+ * 1 means the content followed is the chunk data
+ * 2 means the file transfer is finished
+
+barrierCmdDDragInfo "DDRG"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int16_t nb, char *content }``
+Description:
+ Drag information.
+
+ ``nb`` = number of dragging objects
+
+ ``content`` = object's directory
+
+barrierCmdQInfo "QINF"
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ None
+Description:
+ Query screen info
+
+ Client should reply with a barrierCmdDInfo
+
+barrierCmdEIncompatible "EICV"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ ``{ int16_t nb, major *minor }``
+Description:
+ Incompatible version.
+
+ ``major`` = major version
+
+ ``minor`` = minor version
+
+barrierCmdEBusy "EBSY"
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ None
+Description:
+ Name provided when connecting is already in use.
+
+barrierCmdEUnknown "EUNK"
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ None
+Description:
+ Unknown client. Name provided when connecting is not in primary's
+ screen configuration map.
+
+barrierCmdEBad "EBAD"
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Direction:
+ server -> client
+Parameters:
+ None
+Description:
+ Protocol violation. Server should disconnect after sending this
+ message.
+
diff --git a/docs/interop/index.rst b/docs/interop/index.rst
index b1bab81..f9801a9 100644
--- a/docs/interop/index.rst
+++ b/docs/interop/index.rst
@@ -7,6 +7,7 @@
.. toctree::
:maxdepth: 2
+ barrier
bitmaps
dbus
dbus-vmstate
diff --git a/docs/interop/live-block-operations.rst b/docs/interop/live-block-operations.rst
index 477d085..9e3635b 100644
--- a/docs/interop/live-block-operations.rst
+++ b/docs/interop/live-block-operations.rst
@@ -781,7 +781,7 @@
}
(6) [On *destination* QEMU] Finally, resume the guest vCPUs by issuing the
- QMP command `cont`::
+ QMP command ``cont``::
(QEMU) cont
{
diff --git a/docs/interop/qemu-ga-ref.rst b/docs/interop/qemu-ga-ref.rst
index db1e946..032d492 100644
--- a/docs/interop/qemu-ga-ref.rst
+++ b/docs/interop/qemu-ga-ref.rst
@@ -1,15 +1,6 @@
QEMU Guest Agent Protocol Reference
===================================
-..
- TODO: the old Texinfo manual used to note that this manual
- is GPL-v2-or-later. We should make that reader-visible
- both here and in our Sphinx manuals more generally.
-
-..
- TODO: display the QEMU version, both here and in our Sphinx manuals
- more generally.
-
.. contents::
:depth: 3
diff --git a/docs/interop/qemu-qmp-ref.rst b/docs/interop/qemu-qmp-ref.rst
index b5bebf6..357effd 100644
--- a/docs/interop/qemu-qmp-ref.rst
+++ b/docs/interop/qemu-qmp-ref.rst
@@ -1,15 +1,6 @@
QEMU QMP Reference Manual
=========================
-..
- TODO: the old Texinfo manual used to note that this manual
- is GPL-v2-or-later. We should make that reader-visible
- both here and in our Sphinx manuals more generally.
-
-..
- TODO: display the QEMU version, both here and in our Sphinx manuals
- more generally.
-
.. contents::
:depth: 3
diff --git a/docs/interop/qemu-storage-daemon-qmp-ref.rst b/docs/interop/qemu-storage-daemon-qmp-ref.rst
index d0ebb42..9fed681 100644
--- a/docs/interop/qemu-storage-daemon-qmp-ref.rst
+++ b/docs/interop/qemu-storage-daemon-qmp-ref.rst
@@ -1,15 +1,6 @@
QEMU Storage Daemon QMP Reference Manual
========================================
-..
- TODO: the old Texinfo manual used to note that this manual
- is GPL-v2-or-later. We should make that reader-visible
- both here and in our Sphinx manuals more generally.
-
-..
- TODO: display the QEMU version, both here and in our Sphinx manuals
- more generally.
-
.. contents::
:depth: 3
diff --git a/docs/interop/vhost-user-gpu.rst b/docs/interop/vhost-user-gpu.rst
index 3268bf4..71a2c52 100644
--- a/docs/interop/vhost-user-gpu.rst
+++ b/docs/interop/vhost-user-gpu.rst
@@ -2,9 +2,10 @@
Vhost-user-gpu Protocol
=======================
-:Licence: This work is licensed under the terms of the GNU GPL,
- version 2 or later. See the COPYING file in the top-level
- directory.
+..
+ Licence: This work is licensed under the terms of the GNU GPL,
+ version 2 or later. See the COPYING file in the top-level
+ directory.
.. contents:: Table of Contents
diff --git a/docs/interop/vhost-user.rst b/docs/interop/vhost-user.rst
index 7fc6935..edc3ad8 100644
--- a/docs/interop/vhost-user.rst
+++ b/docs/interop/vhost-user.rst
@@ -3,11 +3,13 @@
===================
Vhost-user Protocol
===================
-:Copyright: 2014 Virtual Open Systems Sarl.
-:Copyright: 2019 Intel Corporation
-:Licence: This work is licensed under the terms of the GNU GPL,
- version 2 or later. See the COPYING file in the top-level
- directory.
+
+..
+ Copyright 2014 Virtual Open Systems Sarl.
+ Copyright 2019 Intel Corporation
+ Licence: This work is licensed under the terms of the GNU GPL,
+ version 2 or later. See the COPYING file in the top-level
+ directory.
.. contents:: Table of Contents
diff --git a/docs/system/arm/cpu-features.rst b/docs/system/arm/cpu-features.rst
index 11dce5c..584eb17 100644
--- a/docs/system/arm/cpu-features.rst
+++ b/docs/system/arm/cpu-features.rst
@@ -10,22 +10,22 @@
Cortex-A15 and the Cortex-A57, which respectively implement Arm
architecture reference manuals ARMv7-A and ARMv8-A, may both optionally
implement PMUs. For example, if a user wants to use a Cortex-A15 without
-a PMU, then the `-cpu` parameter should contain `pmu=off` on the QEMU
-command line, i.e. `-cpu cortex-a15,pmu=off`.
+a PMU, then the ``-cpu`` parameter should contain ``pmu=off`` on the QEMU
+command line, i.e. ``-cpu cortex-a15,pmu=off``.
As not all CPU types support all optional CPU features, then whether or
not a CPU property exists depends on the CPU type. For example, CPUs
that implement the ARMv8-A architecture reference manual may optionally
support the AArch32 CPU feature, which may be enabled by disabling the
-`aarch64` CPU property. A CPU type such as the Cortex-A15, which does
-not implement ARMv8-A, will not have the `aarch64` CPU property.
+``aarch64`` CPU property. A CPU type such as the Cortex-A15, which does
+not implement ARMv8-A, will not have the ``aarch64`` CPU property.
QEMU's support may be limited for some CPU features, only partially
supporting the feature or only supporting the feature under certain
-configurations. For example, the `aarch64` CPU feature, which, when
+configurations. For example, the ``aarch64`` CPU feature, which, when
disabled, enables the optional AArch32 CPU feature, is only supported
when using the KVM accelerator and when running on a host CPU type that
-supports the feature. While `aarch64` currently only works with KVM,
+supports the feature. While ``aarch64`` currently only works with KVM,
it could work with TCG. CPU features that are specific to KVM are
prefixed with "kvm-" and are described in "KVM VCPU Features".
@@ -33,12 +33,12 @@
===================
Determining which CPU features are available and functional for a given
-CPU type is possible with the `query-cpu-model-expansion` QMP command.
-Below are some examples where `scripts/qmp/qmp-shell` (see the top comment
+CPU type is possible with the ``query-cpu-model-expansion`` QMP command.
+Below are some examples where ``scripts/qmp/qmp-shell`` (see the top comment
block in the script for usage) is used to issue the QMP commands.
-1. Determine which CPU features are available for the `max` CPU type
- (Note, we started QEMU with qemu-system-aarch64, so `max` is
+1. Determine which CPU features are available for the ``max`` CPU type
+ (Note, we started QEMU with qemu-system-aarch64, so ``max`` is
implementing the ARMv8-A reference manual in this case)::
(QEMU) query-cpu-model-expansion type=full model={"name":"max"}
@@ -51,9 +51,9 @@
"sve896": true, "sve1280": true, "sve2048": true
}}}}
-We see that the `max` CPU type has the `pmu`, `aarch64`, `sve`, and many
-`sve<N>` CPU features. We also see that all the CPU features are
-enabled, as they are all `true`. (The `sve<N>` CPU features are all
+We see that the ``max`` CPU type has the ``pmu``, ``aarch64``, ``sve``, and many
+``sve<N>`` CPU features. We also see that all the CPU features are
+enabled, as they are all ``true``. (The ``sve<N>`` CPU features are all
optional SVE vector lengths (see "SVE CPU Properties"). While with TCG
all SVE vector lengths can be supported, when KVM is in use it's more
likely that only a few lengths will be supported, if SVE is supported at
@@ -71,9 +71,9 @@
"sve896": true, "sve1280": true, "sve2048": true
}}}}
-We see it worked, as `pmu` is now `false`.
+We see it worked, as ``pmu`` is now ``false``.
-(3) Let's try to disable `aarch64`, which enables the AArch32 CPU feature::
+(3) Let's try to disable ``aarch64``, which enables the AArch32 CPU feature::
(QEMU) query-cpu-model-expansion type=full model={"name":"max","props":{"aarch64":false}}
{"error": {
@@ -84,7 +84,7 @@
It looks like this feature is limited to a configuration we do not
currently have.
-(4) Let's disable `sve` and see what happens to all the optional SVE
+(4) Let's disable ``sve`` and see what happens to all the optional SVE
vector lengths::
(QEMU) query-cpu-model-expansion type=full model={"name":"max","props":{"sve":false}}
@@ -97,14 +97,14 @@
"sve896": false, "sve1280": false, "sve2048": false
}}}}
-As expected they are now all `false`.
+As expected they are now all ``false``.
(5) Let's try probing CPU features for the Cortex-A15 CPU type::
(QEMU) query-cpu-model-expansion type=full model={"name":"cortex-a15"}
{"return": {"model": {"name": "cortex-a15", "props": {"pmu": true}}}}
-Only the `pmu` CPU feature is available.
+Only the ``pmu`` CPU feature is available.
A note about CPU feature dependencies
-------------------------------------
@@ -123,29 +123,29 @@
-------------------------------
Named CPU models generally do not work with KVM. There are a few cases
-that do work, e.g. using the named CPU model `cortex-a57` with KVM on a
-seattle host, but mostly if KVM is enabled the `host` CPU type must be
+that do work, e.g. using the named CPU model ``cortex-a57`` with KVM on a
+seattle host, but mostly if KVM is enabled the ``host`` CPU type must be
used. This means the guest is provided all the same CPU features as the
-host CPU type has. And, for this reason, the `host` CPU type should
+host CPU type has. And, for this reason, the ``host`` CPU type should
enable all CPU features that the host has by default. Indeed it's even
a bit strange to allow disabling CPU features that the host has when using
-the `host` CPU type, but in the absence of CPU models it's the best we can
+the ``host`` CPU type, but in the absence of CPU models it's the best we can
do if we want to launch guests without all the host's CPU features enabled.
-Enabling KVM also affects the `query-cpu-model-expansion` QMP command. The
+Enabling KVM also affects the ``query-cpu-model-expansion`` QMP command. The
affect is not only limited to specific features, as pointed out in example
(3) of "CPU Feature Probing", but also to which CPU types may be expanded.
-When KVM is enabled, only the `max`, `host`, and current CPU type may be
+When KVM is enabled, only the ``max``, ``host``, and current CPU type may be
expanded. This restriction is necessary as it's not possible to know all
CPU types that may work with KVM, but it does impose a small risk of users
experiencing unexpected errors. For example on a seattle, as mentioned
-above, the `cortex-a57` CPU type is also valid when KVM is enabled.
-Therefore a user could use the `host` CPU type for the current type, but
-then attempt to query `cortex-a57`, however that query will fail with our
+above, the ``cortex-a57`` CPU type is also valid when KVM is enabled.
+Therefore a user could use the ``host`` CPU type for the current type, but
+then attempt to query ``cortex-a57``, however that query will fail with our
restrictions. This shouldn't be an issue though as management layers and
-users have been preferring the `host` CPU type for use with KVM for quite
+users have been preferring the ``host`` CPU type for use with KVM for quite
some time. Additionally, if the KVM-enabled QEMU instance running on a
-seattle host is using the `cortex-a57` CPU type, then querying `cortex-a57`
+seattle host is using the ``cortex-a57`` CPU type, then querying ``cortex-a57``
will work.
Using CPU Features
@@ -158,12 +158,12 @@
$ qemu-system-aarch64 -M virt -cpu max,pmu=off,sve=on,sve128=on,sve256=on
The example above disables the PMU and enables the first two SVE vector
-lengths for the `max` CPU type. Note, the `sve=on` isn't actually
-necessary, because, as we observed above with our probe of the `max` CPU
-type, `sve` is already on by default. Also, based on our probe of
+lengths for the ``max`` CPU type. Note, the ``sve=on`` isn't actually
+necessary, because, as we observed above with our probe of the ``max`` CPU
+type, ``sve`` is already on by default. Also, based on our probe of
defaults, it would seem we need to disable many SVE vector lengths, rather
than only enabling the two we want. This isn't the case, because, as
-disabling many SVE vector lengths would be quite verbose, the `sve<N>` CPU
+disabling many SVE vector lengths would be quite verbose, the ``sve<N>`` CPU
properties have special semantics (see "SVE CPU Property Parsing
Semantics").
@@ -217,11 +217,11 @@
TCG VCPU features are CPU features that are specific to TCG.
Below is the list of TCG VCPU features and their descriptions.
- pauth Enable or disable `FEAT_Pauth`, pointer
+ pauth Enable or disable ``FEAT_Pauth``, pointer
authentication. By default, the feature is
- enabled with `-cpu max`.
+ enabled with ``-cpu max``.
- pauth-impdef When `FEAT_Pauth` is enabled, either the
+ pauth-impdef When ``FEAT_Pauth`` is enabled, either the
*impdef* (Implementation Defined) algorithm
is enabled or the *architected* QARMA algorithm
is enabled. By default the impdef algorithm
@@ -235,49 +235,49 @@
SVE CPU Properties
==================
-There are two types of SVE CPU properties: `sve` and `sve<N>`. The first
-is used to enable or disable the entire SVE feature, just as the `pmu`
+There are two types of SVE CPU properties: ``sve`` and ``sve<N>``. The first
+is used to enable or disable the entire SVE feature, just as the ``pmu``
CPU property completely enables or disables the PMU. The second type
-is used to enable or disable specific vector lengths, where `N` is the
-number of bits of the length. The `sve<N>` CPU properties have special
+is used to enable or disable specific vector lengths, where ``N`` is the
+number of bits of the length. The ``sve<N>`` CPU properties have special
dependencies and constraints, see "SVE CPU Property Dependencies and
Constraints" below. Additionally, as we want all supported vector lengths
to be enabled by default, then, in order to avoid overly verbose command
-lines (command lines full of `sve<N>=off`, for all `N` not wanted), we
+lines (command lines full of ``sve<N>=off``, for all ``N`` not wanted), we
provide the parsing semantics listed in "SVE CPU Property Parsing
Semantics".
SVE CPU Property Dependencies and Constraints
---------------------------------------------
- 1) At least one vector length must be enabled when `sve` is enabled.
+ 1) At least one vector length must be enabled when ``sve`` is enabled.
- 2) If a vector length `N` is enabled, then, when KVM is enabled, all
+ 2) If a vector length ``N`` is enabled, then, when KVM is enabled, all
smaller, host supported vector lengths must also be enabled. If
KVM is not enabled, then only all the smaller, power-of-two vector
lengths must be enabled. E.g. with KVM if the host supports all
- vector lengths up to 512-bits (128, 256, 384, 512), then if `sve512`
+ vector lengths up to 512-bits (128, 256, 384, 512), then if ``sve512``
is enabled, the 128-bit vector length, 256-bit vector length, and
384-bit vector length must also be enabled. Without KVM, the 384-bit
vector length would not be required.
3) If KVM is enabled then only vector lengths that the host CPU type
support may be enabled. If SVE is not supported by the host, then
- no `sve*` properties may be enabled.
+ no ``sve*`` properties may be enabled.
SVE CPU Property Parsing Semantics
----------------------------------
- 1) If SVE is disabled (`sve=off`), then which SVE vector lengths
+ 1) If SVE is disabled (``sve=off``), then which SVE vector lengths
are enabled or disabled is irrelevant to the guest, as the entire
SVE feature is disabled and that disables all vector lengths for
- the guest. However QEMU will still track any `sve<N>` CPU
- properties provided by the user. If later an `sve=on` is provided,
- then the guest will get only the enabled lengths. If no `sve=on`
+ the guest. However QEMU will still track any ``sve<N>`` CPU
+ properties provided by the user. If later an ``sve=on`` is provided,
+ then the guest will get only the enabled lengths. If no ``sve=on``
is provided and there are explicitly enabled vector lengths, then
an error is generated.
- 2) If SVE is enabled (`sve=on`), but no `sve<N>` CPU properties are
+ 2) If SVE is enabled (``sve=on``), but no ``sve<N>`` CPU properties are
provided, then all supported vector lengths are enabled, which when
KVM is not in use means including the non-power-of-two lengths, and,
when KVM is in use, it means all vector lengths supported by the host
@@ -293,7 +293,7 @@
constraint (2) of "SVE CPU Property Dependencies and Constraints").
5) When KVM is enabled, if the host does not support SVE, then an error
- is generated when attempting to enable any `sve*` properties (see
+ is generated when attempting to enable any ``sve*`` properties (see
constraint (3) of "SVE CPU Property Dependencies and Constraints").
6) When KVM is enabled, if the host does support SVE, then an error is
@@ -301,8 +301,8 @@
by the host (see constraint (3) of "SVE CPU Property Dependencies and
Constraints").
- 7) If one or more `sve<N>` CPU properties are set `off`, but no `sve<N>`,
- CPU properties are set `on`, then the specified vector lengths are
+ 7) If one or more ``sve<N>`` CPU properties are set ``off``, but no ``sve<N>``,
+ CPU properties are set ``on``, then the specified vector lengths are
disabled but the default for any unspecified lengths remains enabled.
When KVM is not enabled, disabling a power-of-two vector length also
disables all vector lengths larger than the power-of-two length.
@@ -310,15 +310,15 @@
disables all larger vector lengths (see constraint (2) of "SVE CPU
Property Dependencies and Constraints").
- 8) If one or more `sve<N>` CPU properties are set to `on`, then they
+ 8) If one or more ``sve<N>`` CPU properties are set to ``on``, then they
are enabled and all unspecified lengths default to disabled, except
for the required lengths per constraint (2) of "SVE CPU Property
Dependencies and Constraints", which will even be auto-enabled if
they were not explicitly enabled.
- 9) If SVE was disabled (`sve=off`), allowing all vector lengths to be
+ 9) If SVE was disabled (``sve=off``), allowing all vector lengths to be
explicitly disabled (i.e. avoiding the error specified in (3) of
- "SVE CPU Property Parsing Semantics"), then if later an `sve=on` is
+ "SVE CPU Property Parsing Semantics"), then if later an ``sve=on`` is
provided an error will be generated. To avoid this error, one must
enable at least one vector length prior to enabling SVE.
@@ -329,12 +329,12 @@
$ qemu-system-aarch64 -M virt -cpu max,sve=off
- 2) Implicitly enable all vector lengths for the `max` CPU type::
+ 2) Implicitly enable all vector lengths for the ``max`` CPU type::
$ qemu-system-aarch64 -M virt -cpu max
3) When KVM is enabled, implicitly enable all host CPU supported vector
- lengths with the `host` CPU type::
+ lengths with the ``host`` CPU type::
$ qemu-system-aarch64 -M virt,accel=kvm -cpu host
diff --git a/docs/system/arm/imx25-pdk.rst b/docs/system/arm/imx25-pdk.rst
new file mode 100644
index 0000000..2a9711e
--- /dev/null
+++ b/docs/system/arm/imx25-pdk.rst
@@ -0,0 +1,19 @@
+NXP i.MX25 PDK board (``imx25-pdk``)
+====================================
+
+The ``imx25-pdk`` board emulates the NXP i.MX25 Product Development Kit
+board, which is based on an i.MX25 SoC which uses an ARM926 CPU.
+
+Emulated devices:
+
+- SD controller
+- AVIC
+- CCM
+- GPT
+- EPIT timers
+- FEC
+- RNGC
+- I2C
+- GPIO controllers
+- Watchdog timer
+- USB controllers
diff --git a/docs/system/arm/kzm.rst b/docs/system/arm/kzm.rst
new file mode 100644
index 0000000..bb018fb
--- /dev/null
+++ b/docs/system/arm/kzm.rst
@@ -0,0 +1,18 @@
+Kyoto Microcomputer KZM-ARM11-01 (``kzm``)
+==========================================
+
+The ``kzm`` board emulates the Kyoto Microcomputer KZM-ARM11-01
+evaluation board, which is based on an NXP i.MX32 SoC
+which uses an ARM1136 CPU.
+
+Emulated devices:
+
+- UARTs
+- LAN9118 ethernet
+- AVIC
+- CCM
+- GPT
+- EPIT timers
+- I2C
+- GPIO controllers
+- Watchdog timer
diff --git a/docs/system/arm/mainstone.rst b/docs/system/arm/mainstone.rst
new file mode 100644
index 0000000..05310f4
--- /dev/null
+++ b/docs/system/arm/mainstone.rst
@@ -0,0 +1,25 @@
+Intel Mainstone II board (``mainstone``)
+========================================
+
+The ``mainstone`` board emulates the Intel Mainstone II development
+board, which uses a PXA270 CPU.
+
+Emulated devices:
+
+- Flash memory
+- Keypad
+- MMC controller
+- 91C111 ethernet
+- PIC
+- Timer
+- DMA
+- GPIO
+- FIR
+- Serial
+- LCD controller
+- SSP
+- USB controller
+- RTC
+- PCMCIA
+- I2C
+- I2S
diff --git a/docs/system/arm/nuvoton.rst b/docs/system/arm/nuvoton.rst
index 3cd2b2b..69f57c2 100644
--- a/docs/system/arm/nuvoton.rst
+++ b/docs/system/arm/nuvoton.rst
@@ -79,7 +79,7 @@
------------
The Nuvoton machines can boot from an OpenBMC firmware image, or directly into
-a kernel using the ``-kernel`` option. OpenBMC images for `quanta-gsj` and
+a kernel using the ``-kernel`` option. OpenBMC images for ``quanta-gsj`` and
possibly others can be downloaded from the OpenPOWER jenkins :
https://openpower.xyz/
diff --git a/docs/system/arm/sbsa.rst b/docs/system/arm/sbsa.rst
index 27b0999..b499d7e 100644
--- a/docs/system/arm/sbsa.rst
+++ b/docs/system/arm/sbsa.rst
@@ -1,8 +1,8 @@
Arm Server Base System Architecture Reference board (``sbsa-ref``)
==================================================================
-While the `virt` board is a generic board platform that doesn't match
-any real hardware the `sbsa-ref` board intends to look like real
+While the ``virt`` board is a generic board platform that doesn't match
+any real hardware the ``sbsa-ref`` board intends to look like real
hardware. The `Server Base System Architecture
<https://developer.arm.com/documentation/den0029/latest>`_ defines a
minimum base line of hardware support and importantly how the firmware
diff --git a/docs/system/arm/virt.rst b/docs/system/arm/virt.rst
index 27652ad..59acf0e 100644
--- a/docs/system/arm/virt.rst
+++ b/docs/system/arm/virt.rst
@@ -1,7 +1,7 @@
'virt' generic virtual platform (``virt``)
==========================================
-The `virt` board is a platform which does not correspond to any
+The ``virt`` board is a platform which does not correspond to any
real hardware; it is designed for use in virtual machines.
It is the recommended board type if you simply want to run
a guest such as Linux and do not care about reproducing the
diff --git a/docs/system/barrier.rst b/docs/system/barrier.rst
new file mode 100644
index 0000000..155d7d2
--- /dev/null
+++ b/docs/system/barrier.rst
@@ -0,0 +1,44 @@
+QEMU Barrier Client
+===================
+
+Generally, mouse and keyboard are grabbed through the QEMU video
+interface emulation.
+
+But when we want to use a video graphic adapter via a PCI passthrough
+there is no way to provide the keyboard and mouse inputs to the VM
+except by plugging a second set of mouse and keyboard to the host
+or by installing a KVM software in the guest OS.
+
+The QEMU Barrier client avoids this by implementing directly the Barrier
+protocol into QEMU.
+
+`Barrier <https://github.com/debauchee/barrier>`__
+is a KVM (Keyboard-Video-Mouse) software forked from Symless's
+synergy 1.9 codebase.
+
+This protocol is enabled by adding an input-barrier object to QEMU.
+
+Syntax::
+
+ input-barrier,id=<object-id>,name=<guest display name>
+ [,server=<barrier server address>][,port=<barrier server port>]
+ [,x-origin=<x-origin>][,y-origin=<y-origin>]
+ [,width=<width>][,height=<height>]
+
+The object can be added on the QEMU command line, for instance with::
+
+ -object input-barrier,id=barrier0,name=VM-1
+
+where VM-1 is the name the display configured in the Barrier server
+on the host providing the mouse and the keyboard events.
+
+by default ``<barrier server address>`` is ``localhost``,
+``<port>`` is ``24800``, ``<x-origin>`` and ``<y-origin>`` are set to ``0``,
+``<width>`` and ``<height>`` to ``1920`` and ``1080``.
+
+If the Barrier server is stopped QEMU needs to be reconnected manually,
+by removing and re-adding the input-barrier object, for instance
+with the help of the HMP monitor::
+
+ (qemu) object_del barrier0
+ (qemu) object_add input-barrier,id=barrier0,name=VM-1
diff --git a/docs/system/bootindex.rst b/docs/system/bootindex.rst
new file mode 100644
index 0000000..8b057f8
--- /dev/null
+++ b/docs/system/bootindex.rst
@@ -0,0 +1,76 @@
+Managing device boot order with bootindex properties
+====================================================
+
+QEMU can tell QEMU-aware guest firmware (like the x86 PC BIOS)
+which order it should look for a bootable OS on which devices.
+A simple way to set this order is to use the ``-boot order=`` option,
+but you can also do this more flexibly, by setting a ``bootindex``
+property on the individual block or net devices you specify
+on the QEMU command line.
+
+The ``bootindex`` properties are used to determine the order in which
+firmware will consider devices for booting the guest OS. If the
+``bootindex`` property is not set for a device, it gets the lowest
+boot priority. There is no particular order in which devices with no
+``bootindex`` property set will be considered for booting, but they
+will still be bootable.
+
+Some guest machine types (for instance the s390x machines) do
+not support ``-boot order=``; on those machines you must always
+use ``bootindex`` properties.
+
+There is no way to set a ``bootindex`` property if you are using
+a short-form option like ``-hda`` or ``-cdrom``, so to use
+``bootindex`` properties you will need to expand out those options
+into long-form ``-drive`` and ``-device`` option pairs.
+
+Example
+-------
+
+Let's assume we have a QEMU machine with two NICs (virtio, e1000) and two
+disks (IDE, virtio):
+
+.. parsed-literal::
+
+ |qemu_system| -drive file=disk1.img,if=none,id=disk1 \\
+ -device ide-hd,drive=disk1,bootindex=4 \\
+ -drive file=disk2.img,if=none,id=disk2 \\
+ -device virtio-blk-pci,drive=disk2,bootindex=3 \\
+ -netdev type=user,id=net0 \\
+ -device virtio-net-pci,netdev=net0,bootindex=2 \\
+ -netdev type=user,id=net1 \\
+ -device e1000,netdev=net1,bootindex=1
+
+Given the command above, firmware should try to boot from the e1000 NIC
+first. If this fails, it should try the virtio NIC next; if this fails
+too, it should try the virtio disk, and then the IDE disk.
+
+Limitations
+-----------
+
+Some firmware has limitations on which devices can be considered for
+booting. For instance, the PC BIOS boot specification allows only one
+disk to be bootable. If boot from disk fails for some reason, the BIOS
+won't retry booting from other disk. It can still try to boot from
+floppy or net, though.
+
+Sometimes, firmware cannot map the device path QEMU wants firmware to
+boot from to a boot method. It doesn't happen for devices the firmware
+can natively boot from, but if firmware relies on an option ROM for
+booting, and the same option ROM is used for booting from more then one
+device, the firmware may not be able to ask the option ROM to boot from
+a particular device reliably. For instance with the PC BIOS, if a SCSI HBA
+has three bootable devices target1, target3, target5 connected to it,
+the option ROM will have a boot method for each of them, but it is not
+possible to map from boot method back to a specific target. This is a
+shortcoming of the PC BIOS boot specification.
+
+Mixing bootindex and boot order parameters
+------------------------------------------
+
+Note that it does not make sense to use the bootindex property together
+with the ``-boot order=...`` (or ``-boot once=...``) parameter. The guest
+firmware implementations normally either support the one or the other,
+but not both parameters at the same time. Mixing them will result in
+undefined behavior, and thus the guest firmware will likely not boot
+from the expected devices.
diff --git a/docs/system/cpu-hotplug.rst b/docs/system/cpu-hotplug.rst
index bd06636..015ce2b 100644
--- a/docs/system/cpu-hotplug.rst
+++ b/docs/system/cpu-hotplug.rst
@@ -78,7 +78,7 @@
}
(QEMU)
-(5) Optionally, run QMP `query-cpus-fast` for some details about the
+(5) Optionally, run QMP ``query-cpus-fast`` for some details about the
vCPUs::
(QEMU) query-cpus-fast
diff --git a/docs/system/devices/usb.rst b/docs/system/devices/usb.rst
index eeab78d..afb7d6c 100644
--- a/docs/system/devices/usb.rst
+++ b/docs/system/devices/usb.rst
@@ -8,6 +8,92 @@
certain host operating systems). QEMU will automatically create and
connect virtual USB hubs as necessary to connect multiple USB devices.
+USB controllers
+~~~~~~~~~~~~~~~
+
+XHCI controller support
+^^^^^^^^^^^^^^^^^^^^^^^
+
+QEMU has XHCI host adapter support. The XHCI hardware design is much
+more virtualization-friendly when compared to EHCI and UHCI, thus XHCI
+emulation uses less resources (especially CPU). So if your guest
+supports XHCI (which should be the case for any operating system
+released around 2010 or later) we recommend using it:
+
+ qemu -device qemu-xhci
+
+XHCI supports USB 1.1, USB 2.0 and USB 3.0 devices, so this is the
+only controller you need. With only a single USB controller (and
+therefore only a single USB bus) present in the system there is no
+need to use the bus= parameter when adding USB devices.
+
+
+EHCI controller support
+^^^^^^^^^^^^^^^^^^^^^^^
+
+The QEMU EHCI Adapter supports USB 2.0 devices. It can be used either
+standalone or with companion controllers (UHCI, OHCI) for USB 1.1
+devices. The companion controller setup is more convenient to use
+because it provides a single USB bus supporting both USB 2.0 and USB
+1.1 devices. See next section for details.
+
+When running EHCI in standalone mode you can add UHCI or OHCI
+controllers for USB 1.1 devices too. Each controller creates its own
+bus though, so there are two completely separate USB buses: One USB
+1.1 bus driven by the UHCI controller and one USB 2.0 bus driven by
+the EHCI controller. Devices must be attached to the correct
+controller manually.
+
+The easiest way to add a UHCI controller to a ``pc`` machine is the
+``-usb`` switch. QEMU will create the UHCI controller as function of
+the PIIX3 chipset. The USB 1.1 bus will carry the name ``usb-bus.0``.
+
+You can use the standard ``-device`` switch to add a EHCI controller to
+your virtual machine. It is strongly recommended to specify an ID for
+the controller so the USB 2.0 bus gets an individual name, for example
+``-device usb-ehci,id=ehci``. This will give you a USB 2.0 bus named
+``ehci.0``.
+
+When adding USB devices using the ``-device`` switch you can specify the
+bus they should be attached to. Here is a complete example:
+
+.. parsed-literal::
+
+ |qemu_system| -M pc ${otheroptions} \\
+ -drive if=none,id=usbstick,format=raw,file=/path/to/image \\
+ -usb \\
+ -device usb-ehci,id=ehci \\
+ -device usb-tablet,bus=usb-bus.0 \\
+ -device usb-storage,bus=ehci.0,drive=usbstick
+
+This attaches a USB tablet to the UHCI adapter and a USB mass storage
+device to the EHCI adapter.
+
+
+Companion controller support
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The UHCI and OHCI controllers can attach to a USB bus created by EHCI
+as companion controllers. This is done by specifying the ``masterbus``
+and ``firstport`` properties. ``masterbus`` specifies the bus name the
+controller should attach to. ``firstport`` specifies the first port the
+controller should attach to, which is needed as usually one EHCI
+controller with six ports has three UHCI companion controllers with
+two ports each.
+
+There is a config file in docs which will do all this for
+you, which you can use like this:
+
+.. parsed-literal::
+
+ |qemu_system| -readconfig docs/config/ich9-ehci-uhci.cfg
+
+Then use ``bus=ehci.0`` to assign your USB devices to that bus.
+
+Using the ``-usb`` switch for ``q35`` machines will create a similar
+USB controller configuration.
+
+
.. _Connecting USB devices:
Connecting USB devices
@@ -28,17 +114,46 @@
``usb-storage,drive=drive_id``
Mass storage device backed by drive_id (see the :ref:`disk images`
- chapter in the System Emulation Users Guide)
+ chapter in the System Emulation Users Guide). This is the classic
+ bulk-only transport protocol used by 99% of USB sticks. This
+ example shows it connected to an XHCI USB controller and with
+ a drive backed by a raw format disk image:
+
+ .. parsed-literal::
+
+ |qemu_system| [...] \\
+ -drive if=none,id=stick,format=raw,file=/path/to/file.img \\
+ -device nec-usb-xhci,id=xhci \\
+ -device usb-storage,bus=xhci.0,drive=stick
``usb-uas``
- USB attached SCSI device, see
- `usb-storage.txt <https://git.qemu.org/?p=qemu.git;a=blob_plain;f=docs/usb-storage.txt>`__
- for details
+ USB attached SCSI device. This does not create a SCSI disk, so
+ you need to explicitly create a ``scsi-hd`` or ``scsi-cd`` device
+ on the command line, as well as using the ``-drive`` option to
+ specify what those disks are backed by. One ``usb-uas`` device can
+ handle multiple logical units (disks). This example creates three
+ logical units: two disks and one cdrom drive:
+
+ .. parsed-literal::
+
+ |qemu_system| [...] \\
+ -drive if=none,id=uas-disk1,format=raw,file=/path/to/file1.img \\
+ -drive if=none,id=uas-disk2,format=raw,file=/path/to/file2.img \\
+ -drive if=none,id=uas-cdrom,media=cdrom,format=raw,file=/path/to/image.iso \\
+ -device nec-usb-xhci,id=xhci \\
+ -device usb-uas,id=uas,bus=xhci.0 \\
+ -device scsi-hd,bus=uas.0,scsi-id=0,lun=0,drive=uas-disk1 \\
+ -device scsi-hd,bus=uas.0,scsi-id=0,lun=1,drive=uas-disk2 \\
+ -device scsi-cd,bus=uas.0,scsi-id=0,lun=5,drive=uas-cdrom
``usb-bot``
- Bulk-only transport storage device, see
- `usb-storage.txt <https://git.qemu.org/?p=qemu.git;a=blob_plain;f=docs/usb-storage.txt>`__
- for details here, too
+ Bulk-only transport storage device. This presents the guest with the
+ same USB bulk-only transport protocol interface as ``usb-storage``, but
+ the QEMU command line option works like ``usb-uas`` and does not
+ automatically create SCSI disks for you. ``usb-bot`` supports up to
+ 16 LUNs. Unlike ``usb-uas``, the LUN numbers must be continuous,
+ i.e. for three devices you must use 0+1+2. The 0+1+5 numbering from the
+ ``usb-uas`` example above won't work with ``usb-bot``.
``usb-mtp,rootdir=dir``
Media transfer protocol device, using dir as root of the file tree
@@ -84,6 +199,53 @@
``u2f-{emulated,passthru}``
Universal Second Factor device
+Physical port addressing
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+For all the above USB devices, by default QEMU will plug the device
+into the next available port on the specified USB bus, or onto
+some available USB bus if you didn't specify one explicitly.
+If you need to, you can also specify the physical port where
+the device will show up in the guest. This can be done using the
+``port`` property. UHCI has two root ports (1,2). EHCI has six root
+ports (1-6), and the emulated (1.1) USB hub has eight ports.
+
+Plugging a tablet into UHCI port 1 works like this::
+
+ -device usb-tablet,bus=usb-bus.0,port=1
+
+Plugging a hub into UHCI port 2 works like this::
+
+ -device usb-hub,bus=usb-bus.0,port=2
+
+Plugging a virtual USB stick into port 4 of the hub just plugged works
+this way::
+
+ -device usb-storage,bus=usb-bus.0,port=2.4,drive=...
+
+In the monitor, the ``device_add` command also accepts a ``port``
+property specification. If you want to unplug devices too you should
+specify some unique id which you can use to refer to the device.
+You can then use ``device_del`` to unplug the device later.
+For example::
+
+ (qemu) device_add usb-tablet,bus=usb-bus.0,port=1,id=my-tablet
+ (qemu) device_del my-tablet
+
+Hotplugging USB storage
+~~~~~~~~~~~~~~~~~~~~~~~
+
+The ``usb-bot`` and ``usb-uas`` devices can be hotplugged. In the hotplug
+case they are added with ``attached = false`` so the guest will not see
+the device until the ``attached`` property is explicitly set to true.
+That allows you to attach one or more scsi devices before making the
+device visible to the guest. The workflow looks like this:
+
+#. ``device-add usb-bot,id=foo``
+#. ``device-add scsi-{hd,cd},bus=foo.0,lun=0``
+#. optionally add more devices (luns 1 ... 15)
+#. ``scripts/qmp/qom-set foo.attached = true``
+
.. _host_005fusb_005fdevices:
Using host USB devices on a Linux host
@@ -138,3 +300,52 @@
When relaunching QEMU, you may have to unplug and plug again the USB
device to make it work again (this is a bug).
+
+``usb-host`` properties for specifying the host device
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The example above uses the ``vendorid`` and ``productid`` to
+specify which host device to pass through, but this is not
+the only way to specify the host device. ``usb-host`` supports
+the following properties:
+
+``hostbus=<nr>``
+ Specifies the bus number the device must be attached to
+``hostaddr=<nr>``
+ Specifies the device address the device got assigned by the guest os
+``hostport=<str>``
+ Specifies the physical port the device is attached to
+``vendorid=<hexnr>``
+ Specifies the vendor ID of the device
+``productid=<hexnr>``
+ Specifies the product ID of the device.
+
+In theory you can combine all these properties as you like. In
+practice only a few combinations are useful:
+
+- ``vendorid`` and ``productid`` -- match for a specific device, pass it to
+ the guest when it shows up somewhere in the host.
+
+- ``hostbus`` and ``hostport`` -- match for a specific physical port in the
+ host, any device which is plugged in there gets passed to the
+ guest.
+
+- ``hostbus`` and ``hostaddr`` -- most useful for ad-hoc pass through as the
+ hostaddr isn't stable. The next time you plug the device into the host it
+ will get a new hostaddr.
+
+Note that on the host USB 1.1 devices are handled by UHCI/OHCI and USB
+2.0 by EHCI. That means different USB devices plugged into the very
+same physical port on the host may show up on different host buses
+depending on the speed. Supposing that devices plugged into a given
+physical port appear as bus 1 + port 1 for 2.0 devices and bus 3 + port 1
+for 1.1 devices, you can pass through any device plugged into that port
+and also assign it to the correct USB bus in QEMU like this:
+
+.. parsed-literal::
+
+ |qemu_system| -M pc [...] \\
+ -usb \\
+ -device usb-ehci,id=ehci \\
+ -device usb-host,bus=usb-bus.0,hostbus=3,hostport=1 \\
+ -device usb-host,bus=ehci.0,hostbus=1,hostport=1
diff --git a/docs/system/generic-loader.rst b/docs/system/generic-loader.rst
index 531ddbc..4f9fb00 100644
--- a/docs/system/generic-loader.rst
+++ b/docs/system/generic-loader.rst
@@ -1,8 +1,8 @@
..
Copyright (c) 2016, Xilinx Inc.
-This work is licensed under the terms of the GNU GPL, version 2 or later. See
-the COPYING file in the top-level directory.
+ This work is licensed under the terms of the GNU GPL, version 2 or later. See
+ the COPYING file in the top-level directory.
Generic Loader
--------------
diff --git a/docs/system/guest-loader.rst b/docs/system/guest-loader.rst
index 37d03cb..4320d11 100644
--- a/docs/system/guest-loader.rst
+++ b/docs/system/guest-loader.rst
@@ -4,7 +4,7 @@
Guest Loader
------------
-The guest loader is similar to the `generic-loader` although it is
+The guest loader is similar to the ``generic-loader`` although it is
aimed at a particular use case of loading hypervisor guests. This is
useful for debugging hypervisors without having to jump through the
hoops of firmware and boot-loaders.
@@ -27,12 +27,12 @@
In the above example the Xen hypervisor is loaded by the -kernel
parameter and passed it's boot arguments via -append. The Dom0 guest
is loaded into the areas of memory. Each blob will get
-`/chosen/module@<addr>` entry in the FDT to indicate it's location and
+``/chosen/module@<addr>`` entry in the FDT to indicate it's location and
size. Additional information can be passed with by using additional
arguments.
Currently the only supported machines which use FDT data to boot are
-the ARM and RiscV `virt` machines.
+the ARM and RiscV ``virt`` machines.
Arguments
^^^^^^^^^
diff --git a/docs/system/index.rst b/docs/system/index.rst
index 64a424a..7b9276c 100644
--- a/docs/system/index.rst
+++ b/docs/system/index.rst
@@ -20,12 +20,14 @@
linuxboot
generic-loader
guest-loader
+ barrier
vnc-security
tls
secrets
authz
gdb
managed-startup
+ bootindex
cpu-hotplug
pr-manager
targets
diff --git a/docs/system/ppc/powernv.rst b/docs/system/ppc/powernv.rst
index 43c58bc..4c4cdea 100644
--- a/docs/system/ppc/powernv.rst
+++ b/docs/system/ppc/powernv.rst
@@ -48,15 +48,15 @@
--------
The OPAL firmware (OpenPower Abstraction Layer) for OpenPower systems
-includes the runtime services `skiboot` and the bootloader kernel and
-initramfs `skiroot`. Source code can be found on GitHub:
+includes the runtime services ``skiboot`` and the bootloader kernel and
+initramfs ``skiroot``. Source code can be found on GitHub:
https://github.com/open-power.
-Prebuilt images of `skiboot` and `skiboot` are made available on the `OpenPOWER <https://openpower.xyz/job/openpower/job/openpower-op-build/>`__ site. To boot a POWER9 machine, use the `witherspoon <https://openpower.xyz/job/openpower/job/openpower-op-build/label=slave,target=witherspoon/lastSuccessfulBuild/>`__ images. For POWER8, use
+Prebuilt images of ``skiboot`` and ``skiboot`` are made available on the `OpenPOWER <https://openpower.xyz/job/openpower/job/openpower-op-build/>`__ site. To boot a POWER9 machine, use the `witherspoon <https://openpower.xyz/job/openpower/job/openpower-op-build/label=slave,target=witherspoon/lastSuccessfulBuild/>`__ images. For POWER8, use
the `palmetto <https://openpower.xyz/job/openpower/job/openpower-op-build/label=slave,target=palmetto/lastSuccessfulBuild/>`__ images.
-QEMU includes a prebuilt image of `skiboot` which is updated when a
+QEMU includes a prebuilt image of ``skiboot`` which is updated when a
more recent version is required by the models.
Boot options
diff --git a/docs/system/riscv/microchip-icicle-kit.rst b/docs/system/riscv/microchip-icicle-kit.rst
index 817d2aec..40798b1 100644
--- a/docs/system/riscv/microchip-icicle-kit.rst
+++ b/docs/system/riscv/microchip-icicle-kit.rst
@@ -95,7 +95,7 @@
-serial chardev:serial1
With above command line, current terminal session will be used for the first
-serial port. Open another terminal window, and use `minicom` to connect the
+serial port. Open another terminal window, and use ``minicom`` to connect the
second serial port.
.. code-block:: bash
diff --git a/docs/system/riscv/virt.rst b/docs/system/riscv/virt.rst
index 3709f05..321d77e 100644
--- a/docs/system/riscv/virt.rst
+++ b/docs/system/riscv/virt.rst
@@ -1,7 +1,7 @@
'virt' Generic Virtual Platform (``virt``)
==========================================
-The `virt` board is a platform which does not correspond to any real hardware;
+The ``virt`` board is a platform which does not correspond to any real hardware;
it is designed for use in virtual machines. It is the recommended board type
if you simply want to run a guest such as Linux and do not care about
reproducing the idiosyncrasies and limitations of a particular bit of
diff --git a/docs/system/s390x/protvirt.rst b/docs/system/s390x/protvirt.rst
index 0f48104..aee63ed 100644
--- a/docs/system/s390x/protvirt.rst
+++ b/docs/system/s390x/protvirt.rst
@@ -14,11 +14,11 @@
To run PVMs, a machine with the Protected Virtualization feature, as
indicated by the Ultravisor Call facility (stfle bit 158), is
required. The Ultravisor needs to be initialized at boot by setting
-`prot_virt=1` on the host's kernel command line.
+``prot_virt=1`` on the host's kernel command line.
Running PVMs requires using the KVM hypervisor.
-If those requirements are met, the capability `KVM_CAP_S390_PROTECTED`
+If those requirements are met, the capability ``KVM_CAP_S390_PROTECTED``
will indicate that KVM can support PVMs on that LPAR.
@@ -26,15 +26,15 @@
-----------------------------------
To run a PVM you will need to select a CPU model which includes the
-`Unpack facility` (stfle bit 161 represented by the feature
-`unpack`/`S390_FEAT_UNPACK`), and add these options to the command line::
+``Unpack facility`` (stfle bit 161 represented by the feature
+``unpack``/``S390_FEAT_UNPACK``), and add these options to the command line::
-object s390-pv-guest,id=pv0 \
-machine confidential-guest-support=pv0
Adding these options will:
-* Ensure the `unpack` facility is available
+* Ensure the ``unpack`` facility is available
* Enable the IOMMU by default for all I/O devices
* Initialize the PV mechanism
@@ -63,5 +63,5 @@
components (kernel, initrd, cmdline), the stage3a loader and
metadata. In case this boot method is used, the command line
options -initrd and -cmdline are ineffective. The preparation of a PVM
-image is done via the `genprotimg` tool from the s390-tools
+image is done via the ``genprotimg`` tool from the s390-tools
collection.
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
index c0c2585..91ebc26 100644
--- a/docs/system/target-arm.rst
+++ b/docs/system/target-arm.rst
@@ -90,9 +90,12 @@
arm/highbank
arm/musicpal
arm/gumstix
+ arm/mainstone
+ arm/kzm
arm/nrf
arm/nseries
arm/nuvoton
+ arm/imx25-pdk
arm/orangepi
arm/palm
arm/raspi
diff --git a/docs/tools/virtiofsd.rst b/docs/tools/virtiofsd.rst
index c4ac7fd..b208f2a 100644
--- a/docs/tools/virtiofsd.rst
+++ b/docs/tools/virtiofsd.rst
@@ -102,7 +102,7 @@
default is ``no_xattr``.
* posix_acl|no_posix_acl -
- Enable/disable posix acl support. Posix ACLs are disabled by default`.
+ Enable/disable posix acl support. Posix ACLs are disabled by default.
.. option:: --socket-path=PATH
diff --git a/docs/usb-storage.txt b/docs/usb-storage.txt
deleted file mode 100644
index 551af6f..0000000
--- a/docs/usb-storage.txt
+++ /dev/null
@@ -1,59 +0,0 @@
-
-qemu usb storage emulation
---------------------------
-
-QEMU has three devices for usb storage emulation.
-
-Number one emulates the classic bulk-only transport protocol which is
-used by 99% of the usb sticks on the market today and is called
-"usb-storage". Usage (hooking up to xhci, other host controllers work
-too):
-
- qemu ${other_vm_args} \
- -drive if=none,id=stick,file=/path/to/file.img \
- -device nec-usb-xhci,id=xhci \
- -device usb-storage,bus=xhci.0,drive=stick
-
-
-Number two is the newer usb attached scsi transport. This one doesn't
-automagically create a scsi disk, so you have to explicitly attach one
-manually. Multiple logical units are supported. Here is an example
-with tree logical units:
-
- qemu ${other_vm_args} \
- -drive if=none,id=uas-disk1,file=/path/to/file1.img \
- -drive if=none,id=uas-disk2,file=/path/to/file2.img \
- -drive if=none,id=uas-cdrom,media=cdrom,file=/path/to/image.iso \
- -device nec-usb-xhci,id=xhci \
- -device usb-uas,id=uas,bus=xhci.0 \
- -device scsi-hd,bus=uas.0,scsi-id=0,lun=0,drive=uas-disk1 \
- -device scsi-hd,bus=uas.0,scsi-id=0,lun=1,drive=uas-disk2 \
- -device scsi-cd,bus=uas.0,scsi-id=0,lun=5,drive=uas-cdrom
-
-
-Number three emulates the classic bulk-only transport protocol too.
-It's called "usb-bot". It shares most code with "usb-storage", and
-the guest will not be able to see the difference. The qemu command
-line interface is similar to usb-uas though, i.e. no automatic scsi
-disk creation. It also features support for up to 16 LUNs. The LUN
-numbers must be continuous, i.e. for three devices you must use 0+1+2.
-The 0+1+5 numbering from the "usb-uas" example isn't going to work
-with "usb-bot".
-
-Starting with qemu version 2.7 usb-bot and usb-uas devices can be
-hotplugged. In the hotplug case they are added with "attached =
-false" so the guest will not see the device until the "attached"
-property is explicitly set to true. That allows to attach one or more
-scsi devices before making the device visible to the guest, i.e. the
-workflow looks like this:
-
- (1) device-add usb-bot,id=foo
- (2) device-add scsi-{hd,cd},bus=foo.0,lun=0
- (2b) optionally add more devices (luns 1 ... 15).
- (3) scripts/qmp/qom-set foo.attached = true
-
-enjoy,
- Gerd
-
---
-Gerd Hoffmann <kraxel@redhat.com>
diff --git a/docs/usb2.txt b/docs/usb2.txt
deleted file mode 100644
index 172614d..0000000
--- a/docs/usb2.txt
+++ /dev/null
@@ -1,172 +0,0 @@
-
-USB Quick Start
-===============
-
-XHCI controller support
------------------------
-
-QEMU has XHCI host adapter support. The XHCI hardware design is much
-more virtualization-friendly when compared to EHCI and UHCI, thus XHCI
-emulation uses less resources (especially cpu). So if your guest
-supports XHCI (which should be the case for any operating system
-released around 2010 or later) we recommend using it:
-
- qemu -device qemu-xhci
-
-XHCI supports USB 1.1, USB 2.0 and USB 3.0 devices, so this is the
-only controller you need. With only a single USB controller (and
-therefore only a single USB bus) present in the system there is no
-need to use the bus= parameter when adding USB devices.
-
-
-EHCI controller support
------------------------
-
-The QEMU EHCI Adapter supports USB 2.0 devices. It can be used either
-standalone or with companion controllers (UHCI, OHCI) for USB 1.1
-devices. The companion controller setup is more convenient to use
-because it provides a single USB bus supporting both USB 2.0 and USB
-1.1 devices. See next section for details.
-
-When running EHCI in standalone mode you can add UHCI or OHCI
-controllers for USB 1.1 devices too. Each controller creates its own
-bus though, so there are two completely separate USB buses: One USB
-1.1 bus driven by the UHCI controller and one USB 2.0 bus driven by
-the EHCI controller. Devices must be attached to the correct
-controller manually.
-
-The easiest way to add a UHCI controller to a 'pc' machine is the
-'-usb' switch. QEMU will create the UHCI controller as function of
-the PIIX3 chipset. The USB 1.1 bus will carry the name "usb-bus.0".
-
-You can use the standard -device switch to add a EHCI controller to
-your virtual machine. It is strongly recommended to specify an ID for
-the controller so the USB 2.0 bus gets an individual name, for example
-'-device usb-ehci,id=ehci". This will give you a USB 2.0 bus named
-"ehci.0".
-
-When adding USB devices using the -device switch you can specify the
-bus they should be attached to. Here is a complete example:
-
- qemu -M pc ${otheroptions} \
- -drive if=none,id=usbstick,file=/path/to/image \
- -usb \
- -device usb-ehci,id=ehci \
- -device usb-tablet,bus=usb-bus.0 \
- -device usb-storage,bus=ehci.0,drive=usbstick
-
-This attaches a USB tablet to the UHCI adapter and a USB mass storage
-device to the EHCI adapter.
-
-
-Companion controller support
-----------------------------
-
-The UHCI and OHCI controllers can attach to a USB bus created by EHCI
-as companion controllers. This is done by specifying the masterbus
-and firstport properties. masterbus specifies the bus name the
-controller should attach to. firstport specifies the first port the
-controller should attach to, which is needed as usually one EHCI
-controller with six ports has three UHCI companion controllers with
-two ports each.
-
-There is a config file in docs which will do all this for
-you, just try ...
-
- qemu -readconfig docs/config/ich9-ehci-uhci.cfg
-
-... then use "bus=ehci.0" to assign your USB devices to that bus.
-
-Using the '-usb' switch for 'q35' machines will create a similar
-USB controller configuration.
-
-
-More USB tips & tricks
-======================
-
-Recently the USB pass through driver (also known as usb-host) and the
-QEMU USB subsystem gained a few capabilities which are available only
-via qdev properties, i,e. when using '-device'.
-
-
-physical port addressing
-------------------------
-
-First you can (for all USB devices) specify the physical port where
-the device will show up in the guest. This can be done using the
-"port" property. UHCI has two root ports (1,2). EHCI has six root
-ports (1-6), the emulated (1.1) USB hub has eight ports.
-
-Plugging a tablet into UHCI port 1 works like this:
-
- -device usb-tablet,bus=usb-bus.0,port=1
-
-Plugging a hub into UHCI port 2 works like this:
-
- -device usb-hub,bus=usb-bus.0,port=2
-
-Plugging a virtual USB stick into port 4 of the hub just plugged works
-this way:
-
- -device usb-storage,bus=usb-bus.0,port=2.4,drive=...
-
-You can do basically the same in the monitor using the device_add
-command. If you want to unplug devices too you should specify some
-unique id which you can use to refer to the device ...
-
- (qemu) device_add usb-tablet,bus=usb-bus.0,port=1,id=my-tablet
- (qemu) device_del my-tablet
-
-... when unplugging it with device_del.
-
-
-USB pass through hints
-----------------------
-
-The usb-host driver has a bunch of properties to specify the device
-which should be passed to the guest:
-
- hostbus=<nr> -- Specifies the bus number the device must be attached
- to.
-
- hostaddr=<nr> -- Specifies the device address the device got
- assigned by the guest os.
-
- hostport=<str> -- Specifies the physical port the device is attached
- to.
-
- vendorid=<hexnr> -- Specifies the vendor ID of the device.
- productid=<hexnr> -- Specifies the product ID of the device.
-
-In theory you can combine all these properties as you like. In
-practice only a few combinations are useful:
-
- (1) vendorid+productid -- match for a specific device, pass it to
- the guest when it shows up somewhere in the host.
-
- (2) hostbus+hostport -- match for a specific physical port in the
- host, any device which is plugged in there gets passed to the
- guest.
-
- (3) hostbus+hostaddr -- most useful for ad-hoc pass through as the
- hostaddr isn't stable, the next time you plug in the device it
- gets a new one ...
-
-Note that USB 1.1 devices are handled by UHCI/OHCI and USB 2.0 by
-EHCI. That means a device plugged into the very same physical port
-may show up on different buses depending on the speed. The port I'm
-using for testing is bus 1 + port 1 for 2.0 devices and bus 3 + port 1
-for 1.1 devices. Passing through any device plugged into that port
-and also assign them to the correct bus can be done this way:
-
- qemu -M pc ${otheroptions} \
- -usb \
- -device usb-ehci,id=ehci \
- -device usb-host,bus=usb-bus.0,hostbus=3,hostport=1 \
- -device usb-host,bus=ehci.0,hostbus=1,hostport=1
-
-enjoy,
- Gerd
-
---
-Gerd Hoffmann <kraxel@redhat.com>
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index d7b0592..57efb61 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -1243,6 +1243,15 @@
bool try_decompressing_kernel;
fw_cfg = fw_cfg_find();
+
+ if (!fw_cfg) {
+ error_report("This machine type does not support loading both "
+ "a guest firmware/BIOS image and a guest kernel at "
+ "the same time. You should change your QEMU command "
+ "line to specify one or the other, but not both.");
+ exit(1);
+ }
+
try_decompressing_kernel = arm_feature(&cpu->env,
ARM_FEATURE_AARCH64);
diff --git a/hw/arm/sbsa-ref.c b/hw/arm/sbsa-ref.c
index 43c19b4..c1629df 100644
--- a/hw/arm/sbsa-ref.c
+++ b/hw/arm/sbsa-ref.c
@@ -691,13 +691,6 @@
firmware_loaded = sbsa_firmware_init(sms, sysmem, secure_sysmem);
- if (machine->kernel_filename && firmware_loaded) {
- error_report("sbsa-ref: No fw_cfg device on this machine, "
- "so -kernel option is not supported when firmware loaded, "
- "please load OS from hard disk instead");
- exit(1);
- }
-
/*
* This machine has EL3 enabled, external firmware should supply PSCI
* implementation, so the QEMU's internal PSCI is disabled.
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 775add0..943974d 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -41,6 +41,8 @@
{ "gpex-pcihost", "allow-unmapped-accesses", "false" },
{ "i8042", "extended-state", "false"},
{ "nvme-ns", "eui64-default", "off"},
+ { "e1000", "init-vet", "off" },
+ { "e1000e", "init-vet", "off" },
};
const size_t hw_compat_6_0_len = G_N_ELEMENTS(hw_compat_6_0);
diff --git a/hw/i2c/smbus_eeprom.c b/hw/i2c/smbus_eeprom.c
index 4d2bf99..12c5741 100644
--- a/hw/i2c/smbus_eeprom.c
+++ b/hw/i2c/smbus_eeprom.c
@@ -276,7 +276,7 @@
spd[18] = 12; /* ~CAS latencies supported */
spd[19] = (type == DDR2 ? 0 : 1); /* reserved / ~CS latencies supported */
spd[20] = 2; /* DIMM type / ~WE latencies */
- /* module features */
+ spd[21] = (type < DDR2 ? 0x20 : 0); /* module features */
/* memory chip features */
spd[23] = 0x12; /* clock cycle time @ medium CAS latency */
/* data access time */
diff --git a/hw/net/can/can_sja1000.c b/hw/net/can/can_sja1000.c
index 42d2f99..34eea68 100644
--- a/hw/net/can/can_sja1000.c
+++ b/hw/net/can/can_sja1000.c
@@ -275,6 +275,10 @@
}
frame->can_dlc = buff[0] & 0x0f;
+ if (frame->can_dlc > 8) {
+ frame->can_dlc = 8;
+ }
+
if (buff[0] & 0x80) { /* Extended */
frame->can_id |= QEMU_CAN_EFF_FLAG;
frame->can_id |= buff[1] << 21; /* ID.28~ID.21 */
@@ -311,6 +315,10 @@
}
frame->can_dlc = buff[1] & 0x0f;
+ if (frame->can_dlc > 8) {
+ frame->can_dlc = 8;
+ }
+
for (i = 0; i < frame->can_dlc; i++) {
frame->data[i] = buff[2 + i];
}
diff --git a/hw/net/e1000.c b/hw/net/e1000.c
index 4f75b44..a30546c 100644
--- a/hw/net/e1000.c
+++ b/hw/net/e1000.c
@@ -29,6 +29,7 @@
#include "hw/pci/pci.h"
#include "hw/qdev-properties.h"
#include "migration/vmstate.h"
+#include "net/eth.h"
#include "net/net.h"
#include "net/checksum.h"
#include "sysemu/sysemu.h"
@@ -130,10 +131,13 @@
#define E1000_FLAG_MIT_BIT 1
#define E1000_FLAG_MAC_BIT 2
#define E1000_FLAG_TSO_BIT 3
+#define E1000_FLAG_VET_BIT 4
#define E1000_FLAG_AUTONEG (1 << E1000_FLAG_AUTONEG_BIT)
#define E1000_FLAG_MIT (1 << E1000_FLAG_MIT_BIT)
#define E1000_FLAG_MAC (1 << E1000_FLAG_MAC_BIT)
#define E1000_FLAG_TSO (1 << E1000_FLAG_TSO_BIT)
+#define E1000_FLAG_VET (1 << E1000_FLAG_VET_BIT)
+
uint32_t compat_flags;
bool received_tx_tso;
bool use_tso_for_migration;
@@ -361,6 +365,13 @@
}
}
+static bool e1000_vet_init_need(void *opaque)
+{
+ E1000State *s = opaque;
+
+ return chkflag(VET);
+}
+
static void e1000_reset(void *opaque)
{
E1000State *d = opaque;
@@ -386,6 +397,10 @@
}
e1000x_reset_mac_addr(d->nic, d->mac_reg, macaddr);
+
+ if (e1000_vet_init_need(d)) {
+ d->mac_reg[VET] = ETH_P_VLAN;
+ }
}
static void
@@ -1737,6 +1752,8 @@
compat_flags, E1000_FLAG_MAC_BIT, true),
DEFINE_PROP_BIT("migrate_tso_props", E1000State,
compat_flags, E1000_FLAG_TSO_BIT, true),
+ DEFINE_PROP_BIT("init-vet", E1000State,
+ compat_flags, E1000_FLAG_VET_BIT, true),
DEFINE_PROP_END_OF_LIST(),
};
diff --git a/hw/net/e1000e.c b/hw/net/e1000e.c
index a8a77ec..ac96f76 100644
--- a/hw/net/e1000e.c
+++ b/hw/net/e1000e.c
@@ -35,6 +35,7 @@
#include "qemu/osdep.h"
#include "qemu/units.h"
+#include "net/eth.h"
#include "net/net.h"
#include "net/tap.h"
#include "qemu/module.h"
@@ -79,7 +80,7 @@
bool disable_vnet;
E1000ECore core;
-
+ bool init_vet;
};
#define E1000E_MMIO_IDX 0
@@ -527,6 +528,10 @@
trace_e1000e_cb_qdev_reset();
e1000e_core_reset(&s->core);
+
+ if (s->init_vet) {
+ s->core.mac[VET] = ETH_P_VLAN;
+ }
}
static int e1000e_pre_save(void *opaque)
@@ -666,6 +671,7 @@
e1000e_prop_subsys_ven, uint16_t),
DEFINE_PROP_SIGNED("subsys", E1000EState, subsys, 0,
e1000e_prop_subsys, uint16_t),
+ DEFINE_PROP_BOOL("init-vet", E1000EState, init_vet, true),
DEFINE_PROP_END_OF_LIST(),
};
diff --git a/hw/net/e1000e_core.c b/hw/net/e1000e_core.c
index b75f2ab..8ae6fb7 100644
--- a/hw/net/e1000e_core.c
+++ b/hw/net/e1000e_core.c
@@ -731,7 +731,7 @@
if (e1000x_vlan_enabled(core->mac) &&
e1000x_is_vlan_txd(txd_lower)) {
net_tx_pkt_setup_vlan_header_ex(tx->tx_pkt,
- le16_to_cpu(dp->upper.fields.special), core->vet);
+ le16_to_cpu(dp->upper.fields.special), core->mac[VET]);
}
if (e1000e_tx_pkt_send(core, tx, queue_index)) {
e1000e_on_tx_done_update_stats(core, tx->tx_pkt);
@@ -1012,7 +1012,7 @@
{
uint32_t rctl = core->mac[RCTL];
- if (e1000x_is_vlan_packet(buf, core->vet) &&
+ if (e1000x_is_vlan_packet(buf, core->mac[VET]) &&
e1000x_vlan_rx_filter_enabled(core->mac)) {
uint16_t vid = lduw_be_p(buf + 14);
uint32_t vfta = ldl_le_p((uint32_t *)(core->mac + VFTA) +
@@ -1285,7 +1285,6 @@
&d->special);
d->errors = (uint8_t) (le32_to_cpu(status_flags) >> 24);
d->status = (uint8_t) le32_to_cpu(status_flags);
- d->special = 0;
}
static inline void
@@ -1686,7 +1685,7 @@
}
net_rx_pkt_attach_iovec_ex(core->rx_pkt, iov, iovcnt, iov_ofs,
- e1000x_vlan_enabled(core->mac), core->vet);
+ e1000x_vlan_enabled(core->mac), core->mac[VET]);
e1000e_rss_parse_packet(core, core->rx_pkt, &rss_info);
e1000e_rx_ring_init(core, &rxr, rss_info.queue);
@@ -2397,8 +2396,7 @@
e1000e_set_vet(E1000ECore *core, int index, uint32_t val)
{
core->mac[VET] = val & 0xffff;
- core->vet = le16_to_cpu(core->mac[VET]);
- trace_e1000e_vlan_vet(core->vet);
+ trace_e1000e_vlan_vet(core->mac[VET]);
}
static void
diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
index f6bd8c5..41f796a 100644
--- a/hw/net/vmxnet3.c
+++ b/hw/net/vmxnet3.c
@@ -1381,7 +1381,7 @@
}
}
-static void vmxnet3_validate_queues(VMXNET3State *s)
+static bool vmxnet3_validate_queues(VMXNET3State *s)
{
/*
* txq_num and rxq_num are total number of queues
@@ -1390,12 +1390,18 @@
*/
if (s->txq_num > VMXNET3_DEVICE_MAX_TX_QUEUES) {
- hw_error("Bad TX queues number: %d\n", s->txq_num);
+ qemu_log_mask(LOG_GUEST_ERROR, "vmxnet3: Bad TX queues number: %d\n",
+ s->txq_num);
+ return false;
}
if (s->rxq_num > VMXNET3_DEVICE_MAX_RX_QUEUES) {
- hw_error("Bad RX queues number: %d\n", s->rxq_num);
+ qemu_log_mask(LOG_GUEST_ERROR, "vmxnet3: Bad RX queues number: %d\n",
+ s->rxq_num);
+ return false;
}
+
+ return true;
}
static void vmxnet3_activate_device(VMXNET3State *s)
@@ -1419,6 +1425,16 @@
return;
}
+ s->txq_num =
+ VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numTxQueues);
+ s->rxq_num =
+ VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numRxQueues);
+
+ VMW_CFPRN("Number of TX/RX queues %u/%u", s->txq_num, s->rxq_num);
+ if (!vmxnet3_validate_queues(s)) {
+ return;
+ }
+
vmxnet3_adjust_by_guest_type(s);
vmxnet3_update_features(s);
vmxnet3_update_pm_state(s);
@@ -1445,14 +1461,6 @@
VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.intrConf.autoMask);
VMW_CFPRN("Automatic interrupt masking is %d", (int)s->auto_int_masking);
- s->txq_num =
- VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numTxQueues);
- s->rxq_num =
- VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numRxQueues);
-
- VMW_CFPRN("Number of TX/RX queues %u/%u", s->txq_num, s->rxq_num);
- vmxnet3_validate_queues(s);
-
qdescr_table_pa =
VMXNET3_READ_DRV_SHARED64(d, s->drv_shmem, devRead.misc.queueDescPA);
VMW_CFPRN("TX queues descriptors table is at 0x%" PRIx64, qdescr_table_pa);
@@ -2404,7 +2412,9 @@
}
}
- vmxnet3_validate_queues(s);
+ if (!vmxnet3_validate_queues(s)) {
+ return -1;
+ }
vmxnet3_validate_interrupts(s);
return 0;
diff --git a/hw/ppc/pegasos2.c b/hw/ppc/pegasos2.c
index 9fad185..b8ce859 100644
--- a/hw/ppc/pegasos2.c
+++ b/hw/ppc/pegasos2.c
@@ -191,7 +191,7 @@
warn_report("Option -kernel may be ineffective with -bios.");
}
}
- if (machine->kernel_cmdline && !pm->vof) {
+ if (!pm->vof && machine->kernel_cmdline && machine->kernel_cmdline[0]) {
warn_report("Option -append may be ineffective with -bios.");
}
}
diff --git a/hw/ppc/trace-events b/hw/ppc/trace-events
index 6e90a01..da6e74b 100644
--- a/hw/ppc/trace-events
+++ b/hw/ppc/trace-events
@@ -88,8 +88,8 @@
vof_setprop(uint32_t ph, const char *prop, const char *val, uint32_t vallen, uint32_t ret) "ph=0x%x \"%s\" [%s] len=%d => ret=%d"
vof_open(const char *path, uint32_t ph, uint32_t ih) "%s ph=0x%x => ih=0x%x"
vof_interpret(const char *cmd, uint32_t param1, uint32_t param2, uint32_t ret, uint32_t ret2) "[%s] 0x%x 0x%x => 0x%x 0x%x"
-vof_package_to_path(uint32_t ph, const char *tmp, uint32_t ret) "ph=0x%x => %s len=%d"
-vof_instance_to_path(uint32_t ih, uint32_t ph, const char *tmp, uint32_t ret) "ih=0x%x ph=0x%x => %s len=%d"
+vof_package_to_path(uint32_t ph, const char *tmp, int ret) "ph=0x%x => %s len=%d"
+vof_instance_to_path(uint32_t ih, uint32_t ph, const char *tmp, int ret) "ih=0x%x ph=0x%x => %s len=%d"
vof_instance_to_package(uint32_t ih, uint32_t ph) "ih=0x%x => ph=0x%x"
vof_write(uint32_t ih, unsigned cb, const char *msg) "ih=0x%x [%u] \"%s\""
vof_avail(uint64_t start, uint64_t end, uint64_t size) "0x%"PRIx64"..0x%"PRIx64" size=0x%"PRIx64
diff --git a/hw/ppc/vof.c b/hw/ppc/vof.c
index 81f6596..73adc44 100644
--- a/hw/ppc/vof.c
+++ b/hw/ppc/vof.c
@@ -160,7 +160,7 @@
static uint32_t vof_finddevice(const void *fdt, uint32_t nodeaddr)
{
char fullnode[VOF_MAX_PATH];
- uint32_t ret = -1;
+ uint32_t ret = PROM_ERROR;
int offset;
if (readstr(nodeaddr, fullnode, sizeof(fullnode))) {
@@ -172,7 +172,7 @@
ret = fdt_get_phandle(fdt, offset);
}
trace_vof_finddevice(fullnode, ret);
- return (uint32_t) ret;
+ return ret;
}
static const void *getprop(const void *fdt, int nodeoff, const char *propname,
@@ -229,10 +229,10 @@
bool write0;
if (nodeoff < 0) {
- return -1;
+ return PROM_ERROR;
}
if (readstr(pname, propname, sizeof(propname))) {
- return -1;
+ return PROM_ERROR;
}
prop = getprop(fdt, nodeoff, propname, &proplen, &write0);
if (prop) {
@@ -244,7 +244,7 @@
(write0 &&
cb == proplen &&
VOF_MEM_WRITE(valaddr + cb - 1, &zero, 1) != MEMTX_OK)) {
- ret = -1;
+ ret = PROM_ERROR;
} else {
/*
* OF1275 says:
@@ -259,7 +259,7 @@
}
}
} else {
- ret = -1;
+ ret = PROM_ERROR;
}
trace_vof_getprop(nodeph, propname, ret, trval);
@@ -275,16 +275,16 @@
int nodeoff = fdt_node_offset_by_phandle(fdt, nodeph);
if (nodeoff < 0) {
- return -1;
+ return PROM_ERROR;
}
if (readstr(pname, propname, sizeof(propname))) {
- return -1;
+ return PROM_ERROR;
}
prop = getprop(fdt, nodeoff, propname, &proplen, NULL);
if (prop) {
ret = proplen;
} else {
- ret = -1;
+ ret = PROM_ERROR;
}
trace_vof_getproplen(nodeph, propname, ret);
@@ -296,8 +296,8 @@
uint32_t valaddr, uint32_t vallen)
{
char propname[OF_PROPNAME_LEN_MAX + 1];
- uint32_t ret = -1;
- int offset;
+ uint32_t ret = PROM_ERROR;
+ int offset, rc;
char trval[64] = "";
char nodepath[VOF_MAX_PATH] = "";
Object *vmo = object_dynamic_cast(OBJECT(ms), TYPE_VOF_MACHINE_IF);
@@ -314,8 +314,8 @@
if (offset < 0) {
goto trace_exit;
}
- ret = get_path(fdt, offset, nodepath, sizeof(nodepath));
- if (ret <= 0) {
+ rc = get_path(fdt, offset, nodepath, sizeof(nodepath));
+ if (rc <= 0) {
goto trace_exit;
}
@@ -333,8 +333,8 @@
goto trace_exit;
}
- ret = fdt_setprop(fdt, offset, propname, val, vallen);
- if (ret) {
+ rc = fdt_setprop(fdt, offset, propname, val, vallen);
+ if (rc) {
goto trace_exit;
}
@@ -358,7 +358,7 @@
const char *tmp;
if (readstr(prevaddr, prev, sizeof(prev))) {
- return -1;
+ return PROM_ERROR;
}
fdt_for_each_property_offset(offset, fdt, nodeoff) {
@@ -377,7 +377,7 @@
}
if (VOF_MEM_WRITE(nameaddr, tmp, strlen(tmp) + 1) != MEMTX_OK) {
- return -1;
+ return PROM_ERROR;
}
return 1;
}
@@ -388,18 +388,17 @@
static uint32_t vof_peer(const void *fdt, uint32_t phandle)
{
- int ret;
+ uint32_t ret = 0;
+ int rc;
if (phandle == 0) {
- ret = fdt_path_offset(fdt, "/");
+ rc = fdt_path_offset(fdt, "/");
} else {
- ret = fdt_next_subnode(fdt, fdt_node_offset_by_phandle(fdt, phandle));
+ rc = fdt_next_subnode(fdt, fdt_node_offset_by_phandle(fdt, phandle));
}
- if (ret < 0) {
- ret = 0;
- } else {
- ret = fdt_get_phandle(fdt, ret);
+ if (rc >= 0) {
+ ret = fdt_get_phandle(fdt, rc);
}
return ret;
@@ -407,12 +406,11 @@
static uint32_t vof_child(const void *fdt, uint32_t phandle)
{
- int ret = fdt_first_subnode(fdt, fdt_node_offset_by_phandle(fdt, phandle));
+ uint32_t ret = 0;
+ int rc = fdt_first_subnode(fdt, fdt_node_offset_by_phandle(fdt, phandle));
- if (ret < 0) {
- ret = 0;
- } else {
- ret = fdt_get_phandle(fdt, ret);
+ if (rc >= 0) {
+ ret = fdt_get_phandle(fdt, rc);
}
return ret;
@@ -420,12 +418,11 @@
static uint32_t vof_parent(const void *fdt, uint32_t phandle)
{
- int ret = fdt_parent_offset(fdt, fdt_node_offset_by_phandle(fdt, phandle));
+ uint32_t ret = 0;
+ int rc = fdt_parent_offset(fdt, fdt_node_offset_by_phandle(fdt, phandle));
- if (ret < 0) {
- ret = 0;
- } else {
- ret = fdt_get_phandle(fdt, ret);
+ if (rc >= 0) {
+ ret = fdt_get_phandle(fdt, rc);
}
return ret;
@@ -433,7 +430,7 @@
static uint32_t vof_do_open(void *fdt, Vof *vof, int offset, const char *path)
{
- uint32_t ret = -1;
+ uint32_t ret = PROM_ERROR;
OfInstance *inst = NULL;
if (vof->of_instance_last == 0xFFFFFFFF) {
@@ -461,18 +458,18 @@
uint32_t vof_client_open_store(void *fdt, Vof *vof, const char *nodename,
const char *prop, const char *path)
{
- int node = fdt_path_offset(fdt, nodename);
- int inst, offset;
+ int offset, node = fdt_path_offset(fdt, nodename);
+ uint32_t inst;
offset = fdt_path_offset(fdt, path);
if (offset < 0) {
trace_vof_error_unknown_path(path);
- return offset;
+ return PROM_ERROR;
}
inst = vof_do_open(fdt, vof, offset, path);
- return fdt_setprop_cell(fdt, node, prop, inst);
+ return fdt_setprop_cell(fdt, node, prop, inst) >= 0 ? 0 : PROM_ERROR;
}
static uint32_t vof_open(void *fdt, Vof *vof, uint32_t pathaddr)
@@ -481,13 +478,13 @@
int offset;
if (readstr(pathaddr, path, sizeof(path))) {
- return -1;
+ return PROM_ERROR;
}
offset = path_offset(fdt, path);
if (offset < 0) {
trace_vof_error_unknown_path(path);
- return offset;
+ return PROM_ERROR;
}
return vof_do_open(fdt, vof, offset, path);
@@ -504,7 +501,7 @@
{
gpointer instp = g_hash_table_lookup(vof->of_instances,
GINT_TO_POINTER(ihandle));
- uint32_t ret = -1;
+ uint32_t ret = PROM_ERROR;
if (instp) {
ret = ((OfInstance *)instp)->phandle;
@@ -517,39 +514,39 @@
static uint32_t vof_package_to_path(const void *fdt, uint32_t phandle,
uint32_t buf, uint32_t len)
{
- uint32_t ret = -1;
+ int rc;
char tmp[VOF_MAX_PATH] = "";
- ret = phandle_to_path(fdt, phandle, tmp, sizeof(tmp));
- if (ret > 0) {
- if (VOF_MEM_WRITE(buf, tmp, ret) != MEMTX_OK) {
- ret = -1;
+ rc = phandle_to_path(fdt, phandle, tmp, sizeof(tmp));
+ if (rc > 0) {
+ if (VOF_MEM_WRITE(buf, tmp, rc) != MEMTX_OK) {
+ rc = -1;
}
}
- trace_vof_package_to_path(phandle, tmp, ret);
+ trace_vof_package_to_path(phandle, tmp, rc);
- return ret;
+ return rc > 0 ? (uint32_t)rc : PROM_ERROR;
}
static uint32_t vof_instance_to_path(void *fdt, Vof *vof, uint32_t ihandle,
uint32_t buf, uint32_t len)
{
- uint32_t ret = -1;
+ int rc = -1;
uint32_t phandle = vof_instance_to_package(vof, ihandle);
char tmp[VOF_MAX_PATH] = "";
if (phandle != -1) {
- ret = phandle_to_path(fdt, phandle, tmp, sizeof(tmp));
- if (ret > 0) {
- if (VOF_MEM_WRITE(buf, tmp, ret) != MEMTX_OK) {
- ret = -1;
+ rc = phandle_to_path(fdt, phandle, tmp, sizeof(tmp));
+ if (rc > 0) {
+ if (VOF_MEM_WRITE(buf, tmp, rc) != MEMTX_OK) {
+ rc = -1;
}
}
}
- trace_vof_instance_to_path(ihandle, phandle, tmp, ret);
+ trace_vof_instance_to_path(ihandle, phandle, tmp, rc);
- return ret;
+ return rc > 0 ? (uint32_t)rc : PROM_ERROR;
}
static uint32_t vof_write(Vof *vof, uint32_t ihandle, uint32_t buf,
@@ -562,13 +559,13 @@
if (!inst) {
trace_vof_error_write(ihandle);
- return -1;
+ return PROM_ERROR;
}
for ( ; len > 0; len -= cb) {
cb = MIN(len, sizeof(tmp) - 1);
if (VOF_MEM_READ(buf, tmp, cb) != MEMTX_OK) {
- return -1;
+ return PROM_ERROR;
}
/* FIXME: there is no backend(s) yet so just call a trace */
@@ -747,7 +744,7 @@
static uint32_t vof_release(Vof *vof, uint64_t virt, uint64_t size)
{
- uint32_t ret = -1;
+ uint32_t ret = PROM_ERROR;
int i;
GArray *claimed = vof->claimed;
OfClaimed c;
@@ -776,7 +773,7 @@
uint32_t param2, uint32_t param3,
uint32_t param4, uint32_t *ret2)
{
- uint32_t ret = -1;
+ uint32_t ret = PROM_ERROR;
char method[VOF_MAX_METHODLEN] = "";
OfInstance *inst;
@@ -802,7 +799,8 @@
VofMachineIfClass *vmc = VOF_MACHINE_GET_CLASS(vmo);
g_assert(vmc->client_architecture_support);
- ret = vmc->client_architecture_support(ms, first_cpu, param1);
+ ret = (uint32_t)vmc->client_architecture_support(ms, first_cpu,
+ param1);
}
*ret2 = 0;
@@ -826,7 +824,7 @@
static uint32_t vof_call_interpret(uint32_t cmdaddr, uint32_t param1,
uint32_t param2, uint32_t *ret2)
{
- uint32_t ret = -1;
+ uint32_t ret = PROM_ERROR;
char cmd[VOF_MAX_FORTHCODE] = "";
/* No interpret implemented so just call a trace */
@@ -895,13 +893,20 @@
} else if (cmpserv("write", 3, 1)) {
ret = vof_write(vof, args[0], args[1], args[2]);
} else if (cmpserv("claim", 3, 1)) {
- ret = vof_claim(vof, args[0], args[1], args[2]);
- if (ret != -1) {
+ uint64_t ret64 = vof_claim(vof, args[0], args[1], args[2]);
+
+ if (ret64 < 0x100000000UL) {
vof_dt_memory_available(fdt, vof->claimed, vof->claimed_base);
+ ret = (uint32_t)ret64;
+ } else {
+ if (ret64 != -1) {
+ vof_release(vof, ret, args[1]);
+ }
+ ret = PROM_ERROR;
}
} else if (cmpserv("release", 2, 0)) {
ret = vof_release(vof, args[0], args[1]);
- if (ret != -1) {
+ if (ret != PROM_ERROR) {
vof_dt_memory_available(fdt, vof->claimed, vof->claimed_base);
}
} else if (cmpserv("call-method", 0, 0)) {
@@ -965,11 +970,15 @@
}
nret = be32_to_cpu(args_be.nret);
+ if (nret > ARRAY_SIZE(args_be.args) - nargs) {
+ return -EINVAL;
+ }
ret = vof_client_handle(ms, fdt, vof, service, args, nargs, rets, nret);
if (!nret) {
return 0;
}
+ /* @nrets includes the value which this function returns */
args_be.args[nargs] = cpu_to_be32(ret);
for (i = 1; i < nret; ++i) {
args_be.args[nargs + i] = cpu_to_be32(rets[i - 1]);
diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index 1f964e0..bb5dbff 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -821,8 +821,15 @@
wpnum = sd_addr_to_wpnum(addr);
for (i = 0; i < 32; i++, wpnum++, addr += WPGROUP_SIZE) {
+ if (addr >= sd->size) {
+ /*
+ * If the addresses of the last groups are outside the valid range,
+ * then the corresponding write protection bits shall be set to 0.
+ */
+ continue;
+ }
assert(wpnum < sd->wpgrps_size);
- if (addr < sd->size && test_bit(wpnum, sd->wp_groups)) {
+ if (test_bit(wpnum, sd->wp_groups)) {
ret |= (1 << i);
}
}
diff --git a/hw/usb/host-libusb.c b/hw/usb/host-libusb.c
index c0f3144..00f6fbb 100644
--- a/hw/usb/host-libusb.c
+++ b/hw/usb/host-libusb.c
@@ -254,6 +254,29 @@
qemu_set_fd_handler(fd, NULL, NULL, NULL);
}
+#else
+
+static QEMUTimer *poll_timer;
+static uint32_t request_count;
+
+static void usb_host_timer_kick(void)
+{
+ int64_t delay_ns;
+
+ delay_ns = request_count
+ ? (NANOSECONDS_PER_SECOND / 100) /* 10 ms interval with active req */
+ : (NANOSECONDS_PER_SECOND); /* 1 sec interval otherwise */
+ timer_mod(poll_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + delay_ns);
+}
+
+static void usb_host_timer(void *opaque)
+{
+ struct timeval tv = { 0, 0 };
+
+ libusb_handle_events_timeout(ctx, &tv);
+ usb_host_timer_kick();
+}
+
#endif /* !CONFIG_WIN32 */
static int usb_host_init(void)
@@ -276,7 +299,8 @@
libusb_set_debug(ctx, loglevel);
#endif
#ifdef CONFIG_WIN32
- /* FIXME: add support for Windows. */
+ poll_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, usb_host_timer, NULL);
+ usb_host_timer_kick();
#else
libusb_set_pollfd_notifiers(ctx, usb_host_add_fd,
usb_host_del_fd,
@@ -364,11 +388,18 @@
r->buffer = g_malloc(bufsize);
}
QTAILQ_INSERT_TAIL(&s->requests, r, next);
+#ifdef CONFIG_WIN32
+ request_count++;
+ usb_host_timer_kick();
+#endif
return r;
}
static void usb_host_req_free(USBHostRequest *r)
{
+#ifdef CONFIG_WIN32
+ request_count--;
+#endif
QTAILQ_REMOVE(&r->host->requests, r, next);
libusb_free_transfer(r->xfer);
g_free(r->buffer);
diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
index 4ec9326..1ec909a 100644
--- a/hw/usb/redirect.c
+++ b/hw/usb/redirect.c
@@ -476,7 +476,7 @@
if (dev->endpoint[EP2I(ep)].bufpq_dropping_packets) {
if (dev->endpoint[EP2I(ep)].bufpq_size >
dev->endpoint[EP2I(ep)].bufpq_target_size) {
- free(data);
+ free(free_on_destroy);
return -1;
}
dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0;
diff --git a/include/hw/ppc/vof.h b/include/hw/ppc/vof.h
index 640be46..97fdef7 100644
--- a/include/hw/ppc/vof.h
+++ b/include/hw/ppc/vof.h
@@ -55,4 +55,6 @@
address_space_write(&address_space_memory, \
(pa), MEMTXATTRS_UNSPECIFIED, (buf), (size))
+#define PROM_ERROR (~0U)
+
#endif /* HW_VOF_H */
diff --git a/linux-user/s390x/cpu_loop.c b/linux-user/s390x/cpu_loop.c
index f2d1215..6a69a6d 100644
--- a/linux-user/s390x/cpu_loop.c
+++ b/linux-user/s390x/cpu_loop.c
@@ -25,6 +25,35 @@
/* s390x masks the fault address it reports in si_addr for SIGSEGV and SIGBUS */
#define S390X_FAIL_ADDR_MASK -4096LL
+static int get_pgm_data_si_code(int dxc_code)
+{
+ switch (dxc_code) {
+ /* Non-simulated IEEE exceptions */
+ case 0x80:
+ return TARGET_FPE_FLTINV;
+ case 0x40:
+ return TARGET_FPE_FLTDIV;
+ case 0x20:
+ case 0x28:
+ case 0x2c:
+ return TARGET_FPE_FLTOVF;
+ case 0x10:
+ case 0x18:
+ case 0x1c:
+ return TARGET_FPE_FLTUND;
+ case 0x08:
+ case 0x0c:
+ return TARGET_FPE_FLTRES;
+ }
+ /*
+ * Non-IEEE and simulated IEEE:
+ * Includes compare-and-trap, quantum exception, etc.
+ * Simulated IEEE are included here to match current
+ * s390x linux kernel.
+ */
+ return 0;
+}
+
void cpu_loop(CPUS390XState *env)
{
CPUState *cs = env_cpu(env);
@@ -64,7 +93,13 @@
case EXCP_DEBUG:
sig = TARGET_SIGTRAP;
n = TARGET_TRAP_BRKPT;
- goto do_signal_pc;
+ /*
+ * For SIGTRAP the PSW must point after the instruction, which it
+ * already does thanks to s390x_tr_tb_stop(). si_addr doesn't need
+ * to be filled.
+ */
+ addr = 0;
+ goto do_signal;
case EXCP_PGM:
n = env->int_pgm_code;
switch (n) {
@@ -100,29 +135,14 @@
case PGM_DATA:
n = (env->fpc >> 8) & 0xff;
- if (n == 0xff) {
- /* compare-and-trap */
+ if (n == 0) {
goto do_sigill_opn;
- } else {
- /* An IEEE exception, simulated or otherwise. */
- if (n & 0x80) {
- n = TARGET_FPE_FLTINV;
- } else if (n & 0x40) {
- n = TARGET_FPE_FLTDIV;
- } else if (n & 0x20) {
- n = TARGET_FPE_FLTOVF;
- } else if (n & 0x10) {
- n = TARGET_FPE_FLTUND;
- } else if (n & 0x08) {
- n = TARGET_FPE_FLTRES;
- } else {
- /* ??? Quantum exception; BFP, DFP error. */
- goto do_sigill_opn;
- }
- sig = TARGET_SIGFPE;
- goto do_signal_pc;
}
+ sig = TARGET_SIGFPE;
+ n = get_pgm_data_si_code(n);
+ goto do_signal_pc;
+
default:
fprintf(stderr, "Unhandled program exception: %#x\n", n);
cpu_dump_state(cs, stderr, 0);
@@ -132,6 +152,10 @@
do_signal_pc:
addr = env->psw.addr;
+ /*
+ * For SIGILL and SIGFPE the PSW must point after the instruction.
+ */
+ env->psw.addr += env->int_pgm_ilen;
do_signal:
info.si_signo = sig;
info.si_errno = 0;
diff --git a/meson.build b/meson.build
index f2e148e..af9bbb8 100644
--- a/meson.build
+++ b/meson.build
@@ -1824,6 +1824,8 @@
slirp_deps = []
if targetos == 'windows'
slirp_deps = cc.find_library('iphlpapi')
+ elif targetos == 'darwin'
+ slirp_deps = cc.find_library('resolv')
endif
slirp_conf = configuration_data()
slirp_conf.set('SLIRP_MAJOR_VERSION', meson.project_version().split('.')[0])
diff --git a/qga/commands-win32.c b/qga/commands-win32.c
index a099acb..7bac0c5 100644
--- a/qga/commands-win32.c
+++ b/qga/commands-win32.c
@@ -1091,7 +1091,7 @@
size_t len;
uint64_t i64FreeBytesToCaller, i64TotalBytes, i64FreeBytes;
GuestFilesystemInfo *fs = NULL;
- HANDLE hLocalDiskHandle = NULL;
+ HANDLE hLocalDiskHandle = INVALID_HANDLE_VALUE;
GetVolumePathNamesForVolumeName(guid, (LPCH)&mnt, 0, &info_size);
if (GetLastError() != ERROR_MORE_DATA) {
@@ -1149,7 +1149,9 @@
fs->type = g_strdup(fs_name);
fs->disk = build_guest_disk_info(guid, errp);
free:
- CloseHandle(hLocalDiskHandle);
+ if (hLocalDiskHandle != INVALID_HANDLE_VALUE) {
+ CloseHandle(hLocalDiskHandle);
+ }
g_free(mnt_point);
return fs;
}
@@ -2229,7 +2231,7 @@
static char *ga_get_win_product_name(Error **errp)
{
- HKEY key = NULL;
+ HKEY key = INVALID_HANDLE_VALUE;
DWORD size = 128;
char *result = g_malloc0(size);
LONG err = ERROR_SUCCESS;
@@ -2239,7 +2241,8 @@
&key);
if (err != ERROR_SUCCESS) {
error_setg_win32(errp, err, "failed to open registry key");
- goto fail;
+ g_free(result);
+ return NULL;
}
err = RegQueryValueExA(key, "ProductName", NULL, NULL,
@@ -2260,9 +2263,13 @@
goto fail;
}
+ RegCloseKey(key);
return result;
fail:
+ if (key != INVALID_HANDLE_VALUE) {
+ RegCloseKey(key);
+ }
g_free(result);
return NULL;
}
@@ -2452,7 +2459,7 @@
continue;
}
for (j = 0; hw_ids[j] != NULL; j++) {
- GMatchInfo *match_info;
+ g_autoptr(GMatchInfo) match_info;
GuestDeviceIdPCI *id;
if (!g_regex_match(device_pci_re, hw_ids[j], 0, &match_info)) {
continue;
@@ -2469,7 +2476,6 @@
id->vendor_id = g_ascii_strtoull(vendor_id, NULL, 16);
id->device_id = g_ascii_strtoull(device_id, NULL, 16);
- g_match_info_free(match_info);
break;
}
if (skip) {
diff --git a/qga/installer/qemu-ga.wxs b/qga/installer/qemu-ga.wxs
index 9cb4c3d..0950e8c 100644
--- a/qga/installer/qemu-ga.wxs
+++ b/qga/installer/qemu-ga.wxs
@@ -31,7 +31,7 @@
<?endif?>
<?if $(var.Arch) = "32"?>
- <?define ArchLib=libgcc_s_sjlj-1.dll?>
+ <?define ArchLib=libgcc_s_dw2-1.dll?>
<?define GaProgramFilesFolder="ProgramFilesFolder" ?>
<?endif?>
@@ -84,6 +84,9 @@
<ServiceControl Id="StartService" Start="install" Stop="both" Remove="uninstall" Name="QEMU-GA" Wait="yes" />
</Component>
<?ifdef var.InstallVss?>
+ <Component Id="libstdc++_6_lib" Guid="{55E737B5-9127-4A11-9FC3-A29367714574}">
+ <File Id="libstdc++-6.lib" Name="libstdc++-6.dll" Source="$(var.Mingw_bin)/libstdc++-6.dll" KeyPath="yes" DiskId="1"/>
+ </Component>
<Component Id="qga_vss_dll" Guid="{CB19C453-FABB-4BB1-ABAB-6B74F687BFBB}">
<File Id="qga_vss.dll" Name="qga-vss.dll" Source="$(env.BUILD_DIR)/qga/vss-win32/qga-vss.dll" KeyPath="yes" DiskId="1"/>
</Component>
@@ -164,6 +167,7 @@
<Feature Id="QEMUFeature" Title="QEMU Guest Agent" Level="1">
<ComponentRef Id="qemu_ga" />
<?ifdef var.InstallVss?>
+ <ComponentRef Id="libstdc++_6_lib" />
<ComponentRef Id="qga_vss_dll" />
<ComponentRef Id="qga_vss_tlb" />
<?endif?>
diff --git a/qga/vss-win32/requester.cpp b/qga/vss-win32/requester.cpp
index 5378c55..940a2c8 100644
--- a/qga/vss-win32/requester.cpp
+++ b/qga/vss-win32/requester.cpp
@@ -18,7 +18,7 @@
#include <inc/win2003/vsbackup.h>
/* Max wait time for frozen event (VSS can only hold writes for 10 seconds) */
-#define VSS_TIMEOUT_FREEZE_MSEC 10000
+#define VSS_TIMEOUT_FREEZE_MSEC 60000
/* Call QueryStatus every 10 ms while waiting for frozen event */
#define VSS_TIMEOUT_EVENT_MSEC 10
diff --git a/scripts/coverity-scan/model.c b/scripts/coverity-scan/model.c
index 2c0346f..9d4fba5 100644
--- a/scripts/coverity-scan/model.c
+++ b/scripts/coverity-scan/model.c
@@ -45,9 +45,10 @@
/* exec.c */
typedef struct AddressSpace AddressSpace;
+typedef struct MemoryRegionCache MemoryRegionCache;
typedef uint64_t hwaddr;
typedef uint32_t MemTxResult;
-typedef uint64_t MemTxAttrs;
+typedef struct MemTxAttrs {} MemTxAttrs;
static void __bufwrite(uint8_t *buf, ssize_t len)
{
@@ -67,9 +68,40 @@
int last = buf[len-1];
}
+MemTxResult address_space_read_cached(MemoryRegionCache *cache, hwaddr addr,
+ MemTxAttrs attrs,
+ void *buf, int len)
+{
+ MemTxResult result;
+ // TODO: investigate impact of treating reads as producing
+ // tainted data, with __coverity_tainted_data_argument__(buf).
+ __bufwrite(buf, len);
+ return result;
+}
+
+MemTxResult address_space_write_cached(MemoryRegionCache *cache, hwaddr addr,
+ MemTxAttrs attrs,
+ const void *buf, int len)
+{
+ MemTxResult result;
+ __bufread(buf, len);
+ return result;
+}
+
+MemTxResult address_space_rw_cached(MemoryRegionCache *cache, hwaddr addr,
+ MemTxAttrs attrs,
+ void *buf, int len, bool is_write)
+{
+ if (is_write) {
+ return address_space_write_cached(cache, addr, attrs, buf, len);
+ } else {
+ return address_space_read_cached(cache, addr, attrs, buf, len);
+ }
+}
+
MemTxResult address_space_read(AddressSpace *as, hwaddr addr,
MemTxAttrs attrs,
- uint8_t *buf, int len)
+ void *buf, int len)
{
MemTxResult result;
// TODO: investigate impact of treating reads as producing
@@ -80,13 +112,23 @@
MemTxResult address_space_write(AddressSpace *as, hwaddr addr,
MemTxAttrs attrs,
- const uint8_t *buf, int len)
+ const void *buf, int len)
{
MemTxResult result;
__bufread(buf, len);
return result;
}
+MemTxResult address_space_rw(AddressSpace *as, hwaddr addr,
+ MemTxAttrs attrs,
+ void *buf, int len, bool is_write)
+{
+ if (is_write) {
+ return address_space_write(as, addr, attrs, buf, len);
+ } else {
+ return address_space_read(as, addr, attrs, buf, len);
+ }
+}
/* Tainting */
@@ -136,54 +178,56 @@
void *g_malloc_n(size_t nmemb, size_t size)
{
- size_t sz;
void *ptr;
__coverity_negative_sink__(nmemb);
__coverity_negative_sink__(size);
- sz = nmemb * size;
- ptr = __coverity_alloc__(sz);
+ ptr = __coverity_alloc__(nmemb * size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
__coverity_mark_as_uninitialized_buffer__(ptr);
- __coverity_mark_as_afm_allocated__(ptr, "g_free");
+ __coverity_mark_as_afm_allocated__(ptr, AFM_free);
return ptr;
}
void *g_malloc0_n(size_t nmemb, size_t size)
{
- size_t sz;
void *ptr;
__coverity_negative_sink__(nmemb);
__coverity_negative_sink__(size);
- sz = nmemb * size;
- ptr = __coverity_alloc__(sz);
+ ptr = __coverity_alloc__(nmemb * size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
__coverity_writeall0__(ptr);
- __coverity_mark_as_afm_allocated__(ptr, "g_free");
+ __coverity_mark_as_afm_allocated__(ptr, AFM_free);
return ptr;
}
void *g_realloc_n(void *ptr, size_t nmemb, size_t size)
{
- size_t sz;
-
__coverity_negative_sink__(nmemb);
__coverity_negative_sink__(size);
- sz = nmemb * size;
__coverity_escape__(ptr);
- ptr = __coverity_alloc__(sz);
+ ptr = __coverity_alloc__(nmemb * size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
/*
* Memory beyond the old size isn't actually initialized. Can't
* model that. See Coverity's realloc() model
*/
__coverity_writeall__(ptr);
- __coverity_mark_as_afm_allocated__(ptr, "g_free");
+ __coverity_mark_as_afm_allocated__(ptr, AFM_free);
return ptr;
}
void g_free(void *ptr)
{
__coverity_free__(ptr);
- __coverity_mark_as_afm_freed__(ptr, "g_free");
+ __coverity_mark_as_afm_freed__(ptr, AFM_free);
}
/*
@@ -221,140 +265,81 @@
return g_realloc_n(ptr, nmemb, size);
}
-/* Trivially derive the g_FOO() from the g_FOO_n() */
+/* Derive the g_FOO() from the g_FOO_n() */
void *g_malloc(size_t size)
{
- return g_malloc_n(1, size);
+ void *ptr;
+
+ __coverity_negative_sink__(size);
+ ptr = __coverity_alloc__(size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
+ __coverity_mark_as_uninitialized_buffer__(ptr);
+ __coverity_mark_as_afm_allocated__(ptr, AFM_free);
+ return ptr;
}
void *g_malloc0(size_t size)
{
- return g_malloc0_n(1, size);
+ void *ptr;
+
+ __coverity_negative_sink__(size);
+ ptr = __coverity_alloc__(size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
+ __coverity_writeall0__(ptr);
+ __coverity_mark_as_afm_allocated__(ptr, AFM_free);
+ return ptr;
}
void *g_realloc(void *ptr, size_t size)
{
- return g_realloc_n(ptr, 1, size);
+ __coverity_negative_sink__(size);
+ __coverity_escape__(ptr);
+ ptr = __coverity_alloc__(size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
+ /*
+ * Memory beyond the old size isn't actually initialized. Can't
+ * model that. See Coverity's realloc() model
+ */
+ __coverity_writeall__(ptr);
+ __coverity_mark_as_afm_allocated__(ptr, AFM_free);
+ return ptr;
}
void *g_try_malloc(size_t size)
{
- return g_try_malloc_n(1, size);
+ int nomem;
+
+ if (nomem) {
+ return NULL;
+ }
+ return g_malloc(size);
}
void *g_try_malloc0(size_t size)
{
- return g_try_malloc0_n(1, size);
+ int nomem;
+
+ if (nomem) {
+ return NULL;
+ }
+ return g_malloc0(size);
}
void *g_try_realloc(void *ptr, size_t size)
{
- return g_try_realloc_n(ptr, 1, size);
-}
+ int nomem;
-/* Other memory allocation functions */
-
-void *g_memdup(const void *ptr, unsigned size)
-{
- unsigned char *dup;
- unsigned i;
-
- if (!ptr) {
+ if (nomem) {
return NULL;
}
-
- dup = g_malloc(size);
- for (i = 0; i < size; i++)
- dup[i] = ((unsigned char *)ptr)[i];
- return dup;
-}
-
-/*
- * GLib string allocation functions
- */
-
-char *g_strdup(const char *s)
-{
- char *dup;
- size_t i;
-
- if (!s) {
- return NULL;
- }
-
- __coverity_string_null_sink__(s);
- __coverity_string_size_sink__(s);
- dup = __coverity_alloc_nosize__();
- __coverity_mark_as_afm_allocated__(dup, "g_free");
- for (i = 0; (dup[i] = s[i]); i++) ;
- return dup;
-}
-
-char *g_strndup(const char *s, size_t n)
-{
- char *dup;
- size_t i;
-
- __coverity_negative_sink__(n);
-
- if (!s) {
- return NULL;
- }
-
- dup = g_malloc(n + 1);
- for (i = 0; i < n && (dup[i] = s[i]); i++) ;
- dup[i] = 0;
- return dup;
-}
-
-char *g_strdup_printf(const char *format, ...)
-{
- char ch, *s;
- size_t len;
-
- __coverity_string_null_sink__(format);
- __coverity_string_size_sink__(format);
-
- ch = *format;
-
- s = __coverity_alloc_nosize__();
- __coverity_writeall__(s);
- __coverity_mark_as_afm_allocated__(s, "g_free");
- return s;
-}
-
-char *g_strdup_vprintf(const char *format, va_list ap)
-{
- char ch, *s;
- size_t len;
-
- __coverity_string_null_sink__(format);
- __coverity_string_size_sink__(format);
-
- ch = *format;
- ch = *(char *)ap;
-
- s = __coverity_alloc_nosize__();
- __coverity_writeall__(s);
- __coverity_mark_as_afm_allocated__(s, "g_free");
-
- return len;
-}
-
-char *g_strconcat(const char *s, ...)
-{
- char *s;
-
- /*
- * Can't model: last argument must be null, the others
- * null-terminated strings
- */
-
- s = __coverity_alloc_nosize__();
- __coverity_writeall__(s);
- __coverity_mark_as_afm_allocated__(s, "g_free");
- return s;
+ return g_realloc(ptr, size);
}
/* Other glib functions */
diff --git a/slirp b/slirp
index 8f43a99..a88d9ac 160000
--- a/slirp
+++ b/slirp
@@ -1 +1 @@
-Subproject commit 8f43a99191afb47ca3f3c6972f6306209f367ece
+Subproject commit a88d9ace234a24ce1c17189642ef9104799425e0
diff --git a/softmmu/vl.c b/softmmu/vl.c
index f815acc..5ca11e7 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -31,6 +31,7 @@
#include "qapi/compat-policy.h"
#include "qapi/error.h"
#include "qapi/qmp/qdict.h"
+#include "qapi/qmp/qstring.h"
#include "qapi/qmp/qjson.h"
#include "qemu-version.h"
#include "qemu/cutils.h"
@@ -1535,22 +1536,35 @@
}
static void
+machine_merge_property(const char *propname, QDict *prop, Error **errp)
+{
+ QDict *opts;
+
+ opts = qdict_new();
+ /* Preserve the caller's reference to prop. */
+ qobject_ref(prop);
+ qdict_put(opts, propname, prop);
+ keyval_merge(machine_opts_dict, opts, errp);
+ qobject_unref(opts);
+}
+
+static void
machine_parse_property_opt(QemuOptsList *opts_list, const char *propname,
const char *arg, Error **errp)
{
- QDict *opts, *prop;
+ QDict *prop = NULL;
bool help = false;
- ERRP_GUARD();
prop = keyval_parse(arg, opts_list->implied_opt_name, &help, errp);
if (help) {
qemu_opts_print_help(opts_list, true);
+ exit(0);
+ }
+ if (!prop) {
return;
}
- opts = qdict_new();
- qdict_put(opts, propname, prop);
- keyval_merge(machine_opts_dict, opts, errp);
- qobject_unref(opts);
+ machine_merge_property(propname, prop, errp);
+ qobject_unref(prop);
}
static const char *pid_file;
@@ -2153,7 +2167,8 @@
static bool is_qemuopts_group(const char *group)
{
if (g_str_equal(group, "object") ||
- g_str_equal(group, "machine")) {
+ g_str_equal(group, "machine") ||
+ g_str_equal(group, "smp-opts")) {
return false;
}
return true;
@@ -2173,6 +2188,8 @@
*/
assert(!from_json);
keyval_merge(machine_opts_dict, dict, errp);
+ } else if (g_str_equal(group, "smp-opts")) {
+ machine_merge_property("smp", dict, &error_fatal);
} else {
abort();
}
@@ -2439,13 +2456,15 @@
static void qemu_process_sugar_options(void)
{
if (mem_prealloc) {
- char *val;
-
- val = g_strdup_printf("%d",
- (uint32_t) qemu_opt_get_number(qemu_find_opts_singleton("smp-opts"), "cpus", 1));
- object_register_sugar_prop("memory-backend", "prealloc-threads", val,
- false);
- g_free(val);
+ QObject *smp = qdict_get(machine_opts_dict, "smp");
+ if (smp && qobject_type(smp) == QTYPE_QDICT) {
+ QObject *cpus = qdict_get(qobject_to(QDict, smp), "cpus");
+ if (cpus && qobject_type(cpus) == QTYPE_QSTRING) {
+ const char *val = qstring_get_str(qobject_to(QString, cpus));
+ object_register_sugar_prop("memory-backend", "prealloc-threads",
+ val, false);
+ }
+ }
object_register_sugar_prop("memory-backend", "prealloc", "on", false);
}
diff --git a/subprojects/libvhost-user/include/atomic.h b/subprojects/libvhost-user/include/atomic.h
new file mode 120000
index 0000000..8c2be64
--- /dev/null
+++ b/subprojects/libvhost-user/include/atomic.h
@@ -0,0 +1 @@
+../../../include/qemu/atomic.h
\ No newline at end of file
diff --git a/subprojects/libvhost-user/libvhost-user.c b/subprojects/libvhost-user/libvhost-user.c
index fab7ca1..bf09693 100644
--- a/subprojects/libvhost-user/libvhost-user.c
+++ b/subprojects/libvhost-user/libvhost-user.c
@@ -40,7 +40,7 @@
#endif
-#include "qemu/atomic.h"
+#include "include/atomic.h"
#include "libvhost-user.h"
@@ -1067,10 +1067,10 @@
DPRINT("vhost_vring_addr:\n");
DPRINT(" index: %d\n", vra->index);
DPRINT(" flags: %d\n", vra->flags);
- DPRINT(" desc_user_addr: 0x%016" PRIx64 "\n", vra->desc_user_addr);
- DPRINT(" used_user_addr: 0x%016" PRIx64 "\n", vra->used_user_addr);
- DPRINT(" avail_user_addr: 0x%016" PRIx64 "\n", vra->avail_user_addr);
- DPRINT(" log_guest_addr: 0x%016" PRIx64 "\n", vra->log_guest_addr);
+ DPRINT(" desc_user_addr: 0x%016" PRIx64 "\n", (uint64_t)vra->desc_user_addr);
+ DPRINT(" used_user_addr: 0x%016" PRIx64 "\n", (uint64_t)vra->used_user_addr);
+ DPRINT(" avail_user_addr: 0x%016" PRIx64 "\n", (uint64_t)vra->avail_user_addr);
+ DPRINT(" log_guest_addr: 0x%016" PRIx64 "\n", (uint64_t)vra->log_guest_addr);
vq->vra = *vra;
vq->vring.flags = vra->flags;
diff --git a/subprojects/libvhost-user/meson.build b/subprojects/libvhost-user/meson.build
index b03446e..39825d9 100644
--- a/subprojects/libvhost-user/meson.build
+++ b/subprojects/libvhost-user/meson.build
@@ -4,21 +4,17 @@
threads = dependency('threads')
glib = dependency('glib-2.0')
-inc = include_directories('../../include', '../../linux-headers')
vhost_user = static_library('vhost-user',
files('libvhost-user.c'),
- include_directories: inc,
dependencies: threads,
c_args: '-D_GNU_SOURCE')
executable('link-test', files('link-test.c'),
- link_whole: vhost_user,
- include_directories: inc)
+ link_whole: vhost_user)
vhost_user_glib = static_library('vhost-user-glib',
files('libvhost-user-glib.c'),
- include_directories: inc,
link_with: vhost_user,
dependencies: glib)
diff --git a/subprojects/libvhost-user/standard-headers/linux b/subprojects/libvhost-user/standard-headers/linux
new file mode 120000
index 0000000..15a2378
--- /dev/null
+++ b/subprojects/libvhost-user/standard-headers/linux
@@ -0,0 +1 @@
+../../../include/standard-headers/linux
\ No newline at end of file
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 59ed832..e69abe4 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -975,6 +975,12 @@
kvm_check_extension(kvm_state, KVM_CAP_SYS_HYPERV_CPUID) > 0;
/*
+ * Non-empty KVM context is needed when KVM_CAP_SYS_HYPERV_CPUID is
+ * unsupported, kvm_hyperv_expand_features() checks for that.
+ */
+ assert(do_sys_ioctl || cs->kvm_state);
+
+ /*
* When the buffer is too small, KVM_GET_SUPPORTED_HV_CPUID fails with
* -E2BIG, however, it doesn't report back the right size. Keep increasing
* it and re-trying until we succeed.
@@ -1105,6 +1111,14 @@
if (kvm_check_extension(kvm_state, KVM_CAP_HYPERV_CPUID) > 0) {
cpuid = get_supported_hv_cpuid(cs);
} else {
+ /*
+ * 'cs->kvm_state' may be NULL when Hyper-V features are expanded
+ * before KVM context is created but this is only done when
+ * KVM_CAP_SYS_HYPERV_CPUID is supported and it implies
+ * KVM_CAP_HYPERV_CPUID.
+ */
+ assert(cs->kvm_state);
+
cpuid = get_supported_hv_cpuid_legacy(cs);
}
hv_cpuid_cache = cpuid;
diff --git a/target/i386/tcg/sysemu/svm_helper.c b/target/i386/tcg/sysemu/svm_helper.c
index 145511d..e151104 100644
--- a/target/i386/tcg/sysemu/svm_helper.c
+++ b/target/i386/tcg/sysemu/svm_helper.c
@@ -70,7 +70,7 @@
uint32_t int_prio;
uint32_t tpr;
- int_prio = (int_ctl & V_INTR_PRIO_MASK) >> V_INTR_MASKING_SHIFT;
+ int_prio = (int_ctl & V_INTR_PRIO_MASK) >> V_INTR_PRIO_SHIFT;
tpr = int_ctl & V_TPR_MASK;
return (int_ctl & V_IRQ_MASK) && (int_prio >= tpr);
}
@@ -383,6 +383,9 @@
cpu_loop_exit(cs);
break;
case SVM_EVTINJ_TYPE_EXEPT:
+ if (vector == EXCP02_NMI || vector >= 31) {
+ cpu_vmexit(env, SVM_EXIT_ERR, 0, GETPC());
+ }
cs->exception_index = vector;
env->error_code = event_inj_err;
env->exception_is_int = 0;
@@ -398,6 +401,9 @@
qemu_log_mask(CPU_LOG_TB_IN_ASM, "SOFT");
cpu_loop_exit(cs);
break;
+ default:
+ cpu_vmexit(env, SVM_EXIT_ERR, 0, GETPC());
+ break;
}
qemu_log_mask(CPU_LOG_TB_IN_ASM, " %#x %#x\n", cs->exception_index,
env->error_code);
diff --git a/target/nios2/helper.h b/target/nios2/helper.h
index b0cb914..6c8f0b5 100644
--- a/target/nios2/helper.h
+++ b/target/nios2/helper.h
@@ -18,7 +18,7 @@
* <http://www.gnu.org/licenses/lgpl-2.1.html>
*/
-DEF_HELPER_2(raise_exception, void, env, i32)
+DEF_HELPER_FLAGS_2(raise_exception, TCG_CALL_NO_WG, noreturn, env, i32)
#if !defined(CONFIG_USER_ONLY)
DEF_HELPER_2(mmu_read_debug, void, env, i32)
diff --git a/target/ppc/translate/fixedpoint-impl.c.inc b/target/ppc/translate/fixedpoint-impl.c.inc
index 8864ac4..2e2518e 100644
--- a/target/ppc/translate/fixedpoint-impl.c.inc
+++ b/target/ppc/translate/fixedpoint-impl.c.inc
@@ -171,8 +171,35 @@
static bool do_cmp_X(DisasContext *ctx, arg_X_bfl *a, bool s)
{
+ if ((ctx->insns_flags & PPC_64B) == 0) {
+ /*
+ * For 32-bit implementations, The Programming Environments Manual says
+ * that "the L field must be cleared, otherwise the instruction form is
+ * invalid." It seems, however, that most 32-bit CPUs ignore invalid
+ * forms (e.g., section "Instruction Formats" of the 405 and 440
+ * manuals, "Integer Compare Instructions" of the 601 manual), with the
+ * notable exception of the e500 and e500mc, where L=1 was reported to
+ * cause an exception.
+ */
+ if (a->l) {
+ if ((ctx->insns_flags2 & PPC2_BOOKE206)) {
+ /*
+ * For 32-bit Book E v2.06 implementations (i.e. e500/e500mc),
+ * generate an illegal instruction exception.
+ */
+ return false;
+ } else {
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "Invalid form of CMP%s at 0x" TARGET_FMT_lx ", L = 1\n",
+ s ? "" : "L", ctx->cia);
+ }
+ }
+ gen_op_cmp32(cpu_gpr[a->ra], cpu_gpr[a->rb], s, a->bf);
+ return true;
+ }
+
+ /* For 64-bit implementations, deal with bit L accordingly. */
if (a->l) {
- REQUIRE_64BIT(ctx);
gen_op_cmp(cpu_gpr[a->ra], cpu_gpr[a->rb], s, a->bf);
} else {
gen_op_cmp32(cpu_gpr[a->ra], cpu_gpr[a->rb], s, a->bf);
@@ -182,8 +209,35 @@
static bool do_cmp_D(DisasContext *ctx, arg_D_bf *a, bool s)
{
+ if ((ctx->insns_flags & PPC_64B) == 0) {
+ /*
+ * For 32-bit implementations, The Programming Environments Manual says
+ * that "the L field must be cleared, otherwise the instruction form is
+ * invalid." It seems, however, that most 32-bit CPUs ignore invalid
+ * forms (e.g., section "Instruction Formats" of the 405 and 440
+ * manuals, "Integer Compare Instructions" of the 601 manual), with the
+ * notable exception of the e500 and e500mc, where L=1 was reported to
+ * cause an exception.
+ */
+ if (a->l) {
+ if ((ctx->insns_flags2 & PPC2_BOOKE206)) {
+ /*
+ * For 32-bit Book E v2.06 implementations (i.e. e500/e500mc),
+ * generate an illegal instruction exception.
+ */
+ return false;
+ } else {
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "Invalid form of CMP%s at 0x" TARGET_FMT_lx ", L = 1\n",
+ s ? "I" : "LI", ctx->cia);
+ }
+ }
+ gen_op_cmp32(cpu_gpr[a->ra], tcg_constant_tl(a->imm), s, a->bf);
+ return true;
+ }
+
+ /* For 64-bit implementations, deal with bit L accordingly. */
if (a->l) {
- REQUIRE_64BIT(ctx);
gen_op_cmp(cpu_gpr[a->ra], tcg_constant_tl(a->imm), s, a->bf);
} else {
gen_op_cmp32(cpu_gpr[a->ra], tcg_constant_tl(a->imm), s, a->bf);
diff --git a/tests/docker/dockerfiles/fedora-win32-cross.docker b/tests/docker/dockerfiles/fedora-win32-cross.docker
index 5a03e1a..aad39dd 100644
--- a/tests/docker/dockerfiles/fedora-win32-cross.docker
+++ b/tests/docker/dockerfiles/fedora-win32-cross.docker
@@ -23,6 +23,7 @@
mingw32-libjpeg-turbo \
mingw32-libpng \
mingw32-libtasn1 \
+ mingw32-libusbx \
mingw32-nettle \
mingw32-nsis \
mingw32-pixman \
diff --git a/tests/docker/dockerfiles/fedora-win64-cross.docker b/tests/docker/dockerfiles/fedora-win64-cross.docker
index d3f1366..9a224a6 100644
--- a/tests/docker/dockerfiles/fedora-win64-cross.docker
+++ b/tests/docker/dockerfiles/fedora-win64-cross.docker
@@ -23,6 +23,7 @@
mingw64-libjpeg-turbo \
mingw64-libpng \
mingw64-libtasn1 \
+ mingw64-libusbx \
mingw64-pixman \
mingw64-pkg-config \
perl \
diff --git a/tests/qtest/fuzz-sdcard-test.c b/tests/qtest/fuzz-sdcard-test.c
index 96602ea..ae14305 100644
--- a/tests/qtest/fuzz-sdcard-test.c
+++ b/tests/qtest/fuzz-sdcard-test.c
@@ -52,6 +52,41 @@
qtest_quit(s);
}
+/*
+ * https://gitlab.com/qemu-project/qemu/-/issues/495
+ * Used to trigger:
+ * Assertion `wpnum < sd->wpgrps_size' failed.
+ */
+static void oss_fuzz_36217(void)
+{
+ QTestState *s;
+
+ s = qtest_init(" -display none -m 32 -nodefaults -nographic"
+ " -device sdhci-pci,sd-spec-version=3 "
+ "-device sd-card,drive=d0 "
+ "-drive if=none,index=0,file=null-co://,format=raw,id=d0");
+
+ qtest_outl(s, 0xcf8, 0x80001010);
+ qtest_outl(s, 0xcfc, 0xe0000000);
+ qtest_outl(s, 0xcf8, 0x80001004);
+ qtest_outw(s, 0xcfc, 0x02);
+ qtest_bufwrite(s, 0xe000002c, "\x05", 0x1);
+ qtest_bufwrite(s, 0xe000000f, "\x37", 0x1);
+ qtest_bufwrite(s, 0xe000000a, "\x01", 0x1);
+ qtest_bufwrite(s, 0xe000000f, "\x29", 0x1);
+ qtest_bufwrite(s, 0xe000000f, "\x02", 0x1);
+ qtest_bufwrite(s, 0xe000000f, "\x03", 0x1);
+ qtest_bufwrite(s, 0xe0000005, "\x01", 0x1);
+ qtest_bufwrite(s, 0xe000000f, "\x06", 0x1);
+ qtest_bufwrite(s, 0xe000000c, "\x05", 0x1);
+ qtest_bufwrite(s, 0xe000000e, "\x20", 0x1);
+ qtest_bufwrite(s, 0xe000000f, "\x08", 0x1);
+ qtest_bufwrite(s, 0xe000000b, "\x3d", 0x1);
+ qtest_bufwrite(s, 0xe000000f, "\x1e", 0x1);
+
+ qtest_quit(s);
+}
+
int main(int argc, char **argv)
{
const char *arch = qtest_get_arch();
@@ -60,6 +95,7 @@
if (strcmp(arch, "i386") == 0) {
qtest_add_func("fuzz/sdcard/oss_fuzz_29225", oss_fuzz_29225);
+ qtest_add_func("fuzz/sdcard/oss_fuzz_36217", oss_fuzz_36217);
}
return g_test_run();
diff --git a/tests/qtest/migration-test.c b/tests/qtest/migration-test.c
index 1e8b778..cc5e83d 100644
--- a/tests/qtest/migration-test.c
+++ b/tests/qtest/migration-test.c
@@ -27,7 +27,8 @@
#include "migration-helpers.h"
#include "tests/migration/migration-test.h"
-#if defined(__linux__)
+/* For dirty ring test; so far only x86_64 is supported */
+#if defined(__linux__) && defined(HOST_X86_64)
#include "linux/kvm.h"
#endif
@@ -1395,7 +1396,7 @@
static bool kvm_dirty_ring_supported(void)
{
-#if defined(__linux__)
+#if defined(__linux__) && defined(HOST_X86_64)
int ret, kvm_fd = open("/dev/kvm", O_RDONLY);
if (kvm_fd < 0) {
diff --git a/tests/tcg/s390x/Makefile.target b/tests/tcg/s390x/Makefile.target
index 5d3de1b..bd084c7 100644
--- a/tests/tcg/s390x/Makefile.target
+++ b/tests/tcg/s390x/Makefile.target
@@ -8,4 +8,4 @@
TESTS+=pack
TESTS+=mvo
TESTS+=mvc
-
+TESTS+=trap
diff --git a/tests/tcg/s390x/trap.c b/tests/tcg/s390x/trap.c
new file mode 100644
index 0000000..d4c61c7
--- /dev/null
+++ b/tests/tcg/s390x/trap.c
@@ -0,0 +1,102 @@
+/*
+ * Copyright 2021 IBM Corp.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or (at
+ * your option) any later version. See the COPYING file in the top-level
+ * directory.
+ */
+
+#include <stdarg.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+#include <signal.h>
+
+static void error1(const char *filename, int line, const char *fmt, ...)
+{
+ va_list ap;
+ va_start(ap, fmt);
+ fprintf(stderr, "%s:%d: ", filename, line);
+ vfprintf(stderr, fmt, ap);
+ fprintf(stderr, "\n");
+ va_end(ap);
+ exit(1);
+}
+
+static int __chk_error(const char *filename, int line, int ret)
+{
+ if (ret < 0) {
+ error1(filename, line, "%m (ret=%d, errno=%d/%s)",
+ ret, errno, strerror(errno));
+ }
+ return ret;
+}
+
+#define error(fmt, ...) error1(__FILE__, __LINE__, fmt, ## __VA_ARGS__)
+
+#define chk_error(ret) __chk_error(__FILE__, __LINE__, (ret))
+
+int sigfpe_count;
+int sigill_count;
+
+static void sig_handler(int sig, siginfo_t *si, void *puc)
+{
+ if (sig == SIGFPE) {
+ if (si->si_code != 0) {
+ error("unexpected si_code: 0x%x != 0", si->si_code);
+ }
+ ++sigfpe_count;
+ return;
+ }
+
+ if (sig == SIGILL) {
+ ++sigill_count;
+ return;
+ }
+
+ error("unexpected signal 0x%x\n", sig);
+}
+
+int main(int argc, char **argv)
+{
+ sigfpe_count = sigill_count = 0;
+
+ struct sigaction act;
+
+ /* Set up SIG handler */
+ act.sa_sigaction = sig_handler;
+ sigemptyset(&act.sa_mask);
+ act.sa_flags = SA_SIGINFO;
+ chk_error(sigaction(SIGFPE, &act, NULL));
+ chk_error(sigaction(SIGILL, &act, NULL));
+
+ uint64_t z = 0x0ull;
+ uint64_t lz = 0xffffffffffffffffull;
+ asm volatile (
+ "lg %%r13,%[lz]\n"
+ "cgitne %%r13,0\n" /* SIGFPE */
+ "lg %%r13,%[z]\n"
+ "cgitne %%r13,0\n" /* no trap */
+ "nopr\n"
+ "lg %%r13,%[lz]\n"
+ "citne %%r13,0\n" /* SIGFPE */
+ "lg %%r13,%[z]\n"
+ "citne %%r13,0\n" /* no trap */
+ "nopr\n"
+ :
+ : [z] "m" (z), [lz] "m" (lz)
+ : "memory", "r13");
+
+ if (sigfpe_count != 2) {
+ error("unexpected SIGFPE count: %d != 2", sigfpe_count);
+ }
+ if (sigill_count != 0) {
+ error("unexpected SIGILL count: %d != 0", sigill_count);
+ }
+
+ printf("PASS\n");
+ return 0;
+}
diff --git a/ui/input-barrier.c b/ui/input-barrier.c
index 81b8d04..2d57ca7 100644
--- a/ui/input-barrier.c
+++ b/ui/input-barrier.c
@@ -3,6 +3,11 @@
*
* This work is licensed under the terms of the GNU GPL, version 2 or later.
* See the COPYING file in the top-level directory.
+ *
+ * TODO:
+ *
+ * - Enable SSL
+ * - Manage SetOptions/ResetOptions commands
*/
#include "qemu/osdep.h"
